Prepared for API Meetup Tokyo #13 https://api-meetup.doorkeeper.jp/events/41135
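Recently it has become common to use the "OAuth" specification as a framework for API access authorization. This session covers trends in how OAuth is being applied and where it is headed.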
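[SC07] Learning OpenID Connect with Azure AD and Ruby! de:code 2017
In the B2C world, OpenID Connect has become the standard protocol for ID federation, but did you know that this protocol can also be used with Azure AD? In this session, aimed at those of you who prefer JSON to XML, we show how to implement ID federation with Azure AD using OpenID Connect. Take this opportunity to learn a modern approach to ID federation!
Target audience: developers and architects interested in Azure Active Directory or OpenID Connect
Product/Technology: Architecture/Identity (AD/Azure AD)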
真武 信和
YAuth.jp LLC/OpenID Foundation Japan
YAuth.jp LLC CEO, OpenID Foundation Japan Executive Director
We Are the Circumcision - Christians worship God in the Spirit, glories in Christ, and does not put confidence in themselves (in the flesh) but in the Lord. In other words, it's not about us AND it's all about the Lord that makes us who we are.
1. OAuth 2.0 provides a framework for authorization that defines four client types (web servers, user-agents, native applications, and autonomous clients) and three authorization flows (authorization code, implicit, and client credentials).
2. The authorization endpoint uses HTTP requests to obtain authorization from the resource owner via user-agent redirection or prompting the client directly. The token endpoint exchanges authorization codes or refresh tokens for access tokens via HTTP POST.
3. Access tokens are used by clients to access protected resources by passing the token in the authorization header, URI query parameter, or form-encoded body parameter of a request.
The Role of 'Law' in our Salvation - Did you know that your salvation is based upon 'law'? Sure it is, it's just that it is not based upon the "Law" of works. It is based upon the "law of faith". See how God demonstrates His righteousness through the law.
This document discusses OpenID Connect aggregated and distributed claims. It defines normal claims as those directly asserted by the OpenID provider. Aggregated claims are asserted by another claims provider but returned by the OpenID provider. Distributed claims are also asserted by another provider but returned as references by the OpenID provider. The document provides examples of aggregated and distributed claims and notes that distributed claims may be better for sensitive information as they do not require the OpenID provider to directly handle claim values. It also presents a use case of multi-step OpenID Connect and suggests other potential use cases.
This document summarizes OAuth 2.0 draft 8 specifications, including:
- Four client types: web servers, user-agents, native apps, autonomous clients
- Two endpoints: authorization and token
- Accessing protected resources by sending an access token as a bearer token
- Simplifications from OAuth 1.0 like removing signatures and using bearer tokens
- Some remaining questions around assurance levels and user-centric features