Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Introduction to OAuth2

176 views

Published on

Introduction to OAuth2

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Introduction to OAuth2

  1. 1. @seanw122
  2. 2. Who are you? Authentication Authorization What can you access?
  3. 3. OAuth is about Authorization After the user is authenticated resources can then be accessed.
  4. 4. OAuth is about Authorization resources can then be accessed. After the user is authenticated
  5. 5. Roles Grant Types / Flows Example Tools Getting Started More Learning
  6. 6. Roles “Resource Owner” User
  7. 7. Roles Resource Server
  8. 8. Roles Authorization Server
  9. 9. Roles Client
  10. 10. Grant Types “Server” Primary type used. Can be for Web Apps, Browser based app, and mobile apps.
  11. 11. Grant Types
  12. 12. Grant Types
  13. 13. Grant Types Grants access token and does not use a secret. Used by some mobile apps and web applications. Replaced by Authorization Code without a secret.
  14. 14. An Example Authorization Code
  15. 15. Please login CancelOk User Name Password
  16. 16. This application would like to access your profile and files. DenyAllow
  17. 17. CancelOk
  18. 18. Application (client) Authorization Server 1. 8. 9. 2. When user logs into Authorization Server and allows the application to use the resources the application receives a one time use code. 3. 7. 4. 6.5. Browser seans_fake_app.com
  19. 19. Application (client) Authorization Server 1. 2. Here the application can store the user information along with their associated access token information.
  20. 20. Application (client) Resource Server 1. 2.Now the application can access allowed resources on behalf of the user using the access token.
  21. 21. getpostman.com
  22. 22. telerik.com/fiddler
  23. 23. curl.haxx.se
  24. 24. https://developers.google.com/oauthplayground
  25. 25. https://developers.google.com/identity/choose-auth
  26. 26. console.developers.google.com
  27. 27. developers.google.com/identity/protocols/googlescopes#drivev3
  28. 28. https://developers.google.com/drive/v3/reference/files/list
  29. 29. aaronparecki.com/oauth-2-simplified digitalocean.com/community/tutorials/an-introduction-to-oauth-2 alexbilbie.com/guide-to-oauth-2-grants
  30. 30. manning.com/books/oauth-2-in-action packtpub.com/application-development/mastering-oauth-2

×