OAuth 2.1 and Beyond
Offered By: NDC Conferences via YouTube
Course Description
Overview
Syllabus
Intro
High Security OAuth
Relevant Documents
OAuth 2.1
Rich Authorization Requests (RAR)
Example (2)
Example Authorization Request
JWT Secured Authorization Requests
Enabling JAR in IdentityServer
Pushed Authorization Requests PAR
Pushed Authorization Request & Respo
Authorization Request using request_
Shared Secrets
Recommendations
Sending a private_key_jwt
"Proof-of-Possession" History
Weakness of Bearer Tokens
Proof of Possession using MTLS
Mutual TLS
Sender Constrained Access Tokens w
Creating an X.509 Client Certificate
Setting a Client Certificate
Calling the Token Endpoint
MTLS Endpoints
Server Metadata
Choice of Web Server / Proxy
Example: Sub-domains with Nginx
Reading Certificate from Header
Certificate Authentication Handler
Enabling MTLS in IdentityServer
Verifying Access Token Ownership at Rese
Pipeline Overview
Summary
Taught by
NDC Conferences
Related Courses
Health Informatics: Data and Interoperability StandardsGeorgia Institute of Technology via edX Fractal Architecture
NDC Conferences via YouTube Strangling the Monolith - Applied Patterns & Practices from the Trenches
NDC Conferences via YouTube Refactoring Is Not Just Clickbait
NDC Conferences via YouTube Amazing Algorithms for Solving Problems in Software
NDC Conferences via YouTube