OAuth2 Authorization Server Under the Hood
Lohika_Odessa_TechTalks
Understanding how OAuth2 Authorization Server works behind the scenes
1.
OAuth 2 Authorization Server Under the Hood
December 2021
2.
Team Lead ARTIOM MATUSENCO
3.
3 Company Confidential © Capgemini 2021. All rights reserved
AGENDA
OAuth 2.0 framework overview
• Authorization code flow
• PKCE
Reference tokens vs self-contained
• Introspection endpoint
• JWT validation
OAuth Authorization server frontend
• /authorize path and parameters
OAuth Authorization server endpoints
• /authorize
• /token
Possible errors
OIDC and Authentication
• User sign in and registration
SSO
SLO
4.
Section 1: OAuth 2.0 Framework Overview
5.
“OAuth 2.0 is the industry-standard protocol for authorization.” (https://oauth.net)
6.
OAuth 2.0 Framework Overview: Roles
An OAuth 2.0 flow has the following roles:
• Resource Owner: Entity that can grant access to a protected resource. Typically, this is the end-user
• Resource Server: Server hosting the protected resources. This is the API you want to access
• Client: Application requesting access to a protected resource on behalf of the Resource Owner
• Authorization Server: Server that authenticates the Resource Owner and issues access tokens after getting proper authorization.
7.
OAuth 2.0 Framework Overview: Roles
8.
OAuth 2.0 Framework Overview: Authorization Code flow
9.
OAuth 2.0 Framework Overview: Use-case example
10.
OAuth 2.0 Framework Overview: PKCE
The Proof Key for Code Exchange (PKCE, pronounced pixie) extension describes a technique for public clients to mitigate the threat of having the authorization code intercepted. The technique involves the client first creating a secret, and then using that secret again when exchanging the authorization code for an access token. This way if the code is intercepted, it will not be useful since the token request relies on the initial secret.
11.
OAuth 2.0 Framework Overview: PKCE
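The PKCE exchange described above, as an added Python example that is not part of the original slides: the client creates the secret and sends only its hash, and the server binds that hash to the authorization code and checks the secret at the token step. The class and function names are hypothetical; the S256 method and the 43 to 128 character verifier format come from RFC 7636, which the slides do not quote.

```python
import base64
import hashlib
import hmac
import re
import secrets

# RFC 7636 verifier format: 43-128 characters from the unreserved set.
VERIFIER_RE = re.compile(r"[A-Za-z0-9\-._~]{43,128}")


def make_code_verifier() -> str:
    """Client: fresh random secret, created before the authorization request."""
    return base64.urlsafe_b64encode(secrets.token_bytes(32)).rstrip(b"=").decode("ascii")


def s256_challenge(code_verifier: str) -> str:
    """Client and server: BASE64URL(SHA256(verifier)) without padding."""
    digest = hashlib.sha256(code_verifier.encode("ascii")).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")


class PkceAuthorizationServer:
    """Hypothetical server side: remembers the challenge bound to each code."""

    def __init__(self):
        self._challenge_by_code = {}

    def authorize(self, code_challenge: str, code_challenge_method: str) -> str:
        # Only the hash travels in the front-channel authorization request.
        if code_challenge_method != "S256":
            raise ValueError("only S256 is accepted")
        code = secrets.token_urlsafe(16)
        self._challenge_by_code[code] = code_challenge
        return code

    def redeem(self, code: str, code_verifier: str) -> bool:
        # pop() makes the code single use: any redemption attempt burns it.
        challenge = self._challenge_by_code.pop(code, None)
        if challenge is None or not VERIFIER_RE.fullmatch(code_verifier):
            return False
        # Constant-time comparison of the recomputed challenge.
        return hmac.compare_digest(s256_challenge(code_verifier), challenge)


def demo():
    """Returns (intercepted code without the secret, legitimate client, replay)."""
    server = PkceAuthorizationServer()
    verifier = make_code_verifier()

    code = server.authorize(s256_challenge(verifier), "S256")
    # Someone holding only the code has to guess a verifier.
    intercepted = server.redeem(code, make_code_verifier())

    code2 = server.authorize(s256_challenge(verifier), "S256")
    legit = server.redeem(code2, verifier)
    replay = server.redeem(code2, verifier)
    return intercepted, legit, replay


if __name__ == "__main__":
    print(demo())
```
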
12.
Section 2: Reference tokens vs self-contained
13.
REFERENCE TOKENS VS SELF-CONTAINED
Reference: gho_16C7e42F292c6912E7710c838347Ae178B4a
Self-contained
14.
REFERENCE TOKENS VS SELF-CONTAINED

Reference
Unique string (e.g.: uuid / hash)
Remote information
• Introspection endpoint (e.g.: /token_info)
• Verification
• Payload
Benefits
• Lightweight
• Session management
Challenges
• Additional time for getting remote info

Self-contained
JWT
• Signature
Payload
• User id
• Role / permission
• Etc
Benefits
• Autonomous validation
Challenges
• Session related logic, e.g.: instant logout
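The trade-off in the comparison above, as an added Python example that is not part of the original slides: a reference token is validated by a remote lookup and dies the moment the session is removed, while a JWT validates locally and survives logout until it expires unless the resource server also consults a revocation list. The names are hypothetical, HS256 with a shared key is an assumption (the slides only say "JWT, Signature"), and the key and user values are constructed.

```python
import base64
import hashlib
import hmac
import json
import secrets


def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


class ReferenceTokenServer:
    """Reference tokens: the string is only a lookup key into server-side state."""

    def __init__(self):
        self._sessions = {}

    def issue(self, user_id, scope, now, ttl=3600):
        token = secrets.token_urlsafe(32)
        self._sessions[token] = {"sub": user_id, "scope": scope, "exp": now + ttl}
        return token

    def introspect(self, token, now):
        """What an introspection endpoint such as /token_info would answer."""
        session = self._sessions.get(token)
        if session is None or session["exp"] <= now:
            return {"active": False}
        return {"active": True, **session}

    def logout(self, token):
        # Instant logout: the next introspection call reports inactive.
        self._sessions.pop(token, None)


def issue_jwt(key: bytes, user_id, scope, now, ttl=3600) -> str:
    header = {"alg": "HS256", "typ": "JWT"}
    payload = {"sub": user_id, "scope": scope, "exp": int(now + ttl),
               "jti": secrets.token_hex(8)}
    signing_input = ".".join(
        b64url(json.dumps(part, separators=(",", ":")).encode())
        for part in (header, payload)
    )
    signature = hmac.new(key, signing_input.encode("ascii"), hashlib.sha256).digest()
    return signing_input + "." + b64url(signature)


def validate_jwt(key: bytes, token: str, now, revoked_jti=frozenset()):
    """Autonomous validation: returns the payload, or None if the token is rejected."""
    try:
        header_b64, payload_b64, signature_b64 = token.split(".")
        header = json.loads(b64url_decode(header_b64))
        signature = b64url_decode(signature_b64)
        # Pin the algorithm instead of trusting the header (rejects "none").
        if not isinstance(header, dict) or header.get("alg") != "HS256":
            return None
        signed = f"{header_b64}.{payload_b64}".encode("ascii")
        expected = hmac.new(key, signed, hashlib.sha256).digest()
        if not hmac.compare_digest(signature, expected):
            return None
        # The payload is parsed only after the signature has been verified.
        payload = json.loads(b64url_decode(payload_b64))
    except ValueError:  # wrong part count, bad base64, bad JSON, non-ASCII input
        return None
    if not isinstance(payload, dict) or payload.get("exp", 0) <= now:
        return None
    # Without this server-side list a JWT stays valid after logout until "exp".
    if payload.get("jti") in revoked_jti:
        return None
    return payload
```

Passing `revoked_jti` reintroduces shared state on the resource server, which is the "session related logic" cost the slide lists for self-contained tokens.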
15.
Section 3: OAuth Authorization server Frontend
16.
OAuth authorization server Frontend: Authentication
17.
OAuth authorization server Frontend: Consent
18.
Section 4: OAuth Authorization server endpoints
19.
OAuth 2.0 Framework Overview

Authorization request
/oauth/authorize
?client_id=a17c21ed
&response_type=code
&state=5ca75bd30
&redirect_uri=https://example.com/cb
&scope=photos

Backend logic
• Authorize request against access token
• Validate request parameters
• Generate authorization code
• Store request data in DB
• Return authorization code
• or redirect to the redirect_uri

Authorization response
https://example.com/cb
?state=5ca75bd30
&code=EVOcNHq7TBVaxVw
20.
OAuth 2.0 Framework Overview

Token exchange request
/token
?code=EVOcNHq7TBVaxVw
&grant_type=authorization_code
&redirect_uri=https://example.com/cb
&client_id=a17c21ed
&client_secret=ZGVmMjMz

Backend logic
- Authorize request
- Validate query params
- Get data from DB by the authorization code
  - userId
  - scope
- Issue tokens limited to scopes

Token exchange response
{
  "token_type": "Bearer",
  "expires_in": 86400,
  "access_token": "sjmHG1EywNbSDAelt",
  "refresh_token": "Qb6kKM4BWPIwq"
}
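The backend logic of the two endpoints above, as an added Python example that is not part of the original slides: an in-memory authorization server that validates the /authorize parameters, stores the request data under the code, and redeems the code once at /token. The class, the `NoRedirectError` type, the 60-second code lifetime and the already-parsed `params` dictionaries are assumptions; the client values reuse the ones on the slides, and the error names and the `authorization_code` grant type are those of RFC 6749.

```python
import hmac
import secrets
import time
from urllib.parse import parse_qs, urlencode, urlparse

# Constructed client registry; the id, secret and URI reuse the slide values.
CLIENTS = {
    "a17c21ed": {
        "secret": "ZGVmMjMz",
        "redirect_uris": {"https://example.com/cb"},
        "scopes": {"photos"},
    }
}


class NoRedirectError(Exception):
    """The error must be shown to the user; redirecting would trust bad input."""


class AuthorizationServer:
    CODE_TTL = 60  # seconds a code stays redeemable (assumed value)

    def __init__(self, clients):
        self.clients = clients
        self.codes = {}          # authorization code -> stored request data
        self.access_tokens = {}  # access token -> user and granted scope

    @staticmethod
    def _redirect(uri, params, state):
        if state is not None:
            params = {**params, "state": state}  # echoed back unchanged
        return uri + "?" + urlencode(params)

    def authorize(self, user_id, params, now=None):
        """/authorize for an already authenticated user; returns the redirect URL."""
        now = time.time() if now is None else now
        client = self.clients.get(params.get("client_id"))
        if client is None:
            raise NoRedirectError("unrecognized client_id")
        redirect_uri = params.get("redirect_uri")
        if redirect_uri not in client["redirect_uris"]:  # exact match only
            raise NoRedirectError("invalid redirect URL")
        state = params.get("state")
        if params.get("response_type") != "code":
            return self._redirect(redirect_uri, {"error": "unsupported_response_type"}, state)
        scope = set(params.get("scope", "").split())
        if not scope or not scope <= client["scopes"]:
            return self._redirect(redirect_uri, {"error": "invalid_scope"}, state)
        code = secrets.token_urlsafe(16)
        self.codes[code] = {
            "client_id": params["client_id"], "redirect_uri": redirect_uri,
            "user_id": user_id, "scope": scope, "expires_at": now + self.CODE_TTL,
        }
        return self._redirect(redirect_uri, {"code": code}, state)

    def token(self, params, now=None):
        """/token: authenticate the client, then redeem the code exactly once."""
        now = time.time() if now is None else now
        client = self.clients.get(params.get("client_id"))
        supplied = params.get("client_secret", "").encode()
        if client is None or not hmac.compare_digest(client["secret"].encode(), supplied):
            return {"error": "invalid_client"}
        if params.get("grant_type") != "authorization_code":
            return {"error": "unsupported_grant_type"}
        grant = self.codes.pop(params.get("code"), None)  # single use
        if (grant is None or grant["expires_at"] < now
                or grant["client_id"] != params["client_id"]
                or grant["redirect_uri"] != params.get("redirect_uri")):
            return {"error": "invalid_grant"}
        access_token = secrets.token_urlsafe(24)
        # Tokens carry only the scope stored with the code, never a new one.
        self.access_tokens[access_token] = {"user_id": grant["user_id"],
                                            "scope": grant["scope"]}
        return {
            "token_type": "Bearer", "expires_in": 86400,
            "access_token": access_token,
            "refresh_token": secrets.token_urlsafe(24),
            "scope": " ".join(sorted(grant["scope"])),
        }


def query_of(url):
    """Helper: query parameters of a redirect URL as a flat dict."""
    return {k: v[0] for k, v in parse_qs(urlparse(url).query).items()}
```
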
21.
OAuth 2.0 Framework Overview: Scopes
Scopes are like roles or permissions in common access management patterns: they specify the scope of access. The implementation of authorization (the scope check) is not covered by the spec and may be implemented in any way.
22.
Section 5: Possible Errors
23.
Possible errors
• Invalid redirect URL
• Unrecognized client_id
• The user denies the request
• Invalid parameters
• invalid_request: The request is missing a required parameter, includes an invalid parameter value, or is otherwise malformed.
• unauthorized_client: The client is not authorized to request an authorization code using this method.
• unsupported_response_type: The authorization server does not support obtaining an authorization code using this method.
• invalid_scope: The requested scope is invalid, unknown, or malformed.
• server_error: The authorization server encountered an unexpected condition which prevented it from fulfilling the request.
• temporarily_unavailable: The authorization server is currently unable to handle the request due to a temporary overloading or maintenance of the server.
24.
Section 6: OIDC and Authentication
25.
OIDC and Authentication: Authentication comparison
26.
OIDC and Authentication: User sign in and registration w/o OIDC
27.
OIDC and Authentication: User sign in and registration
28.
Section 7: SSO
29.
SSO
30.
Section 8: SLO
31.
SLO
32.
capgemini.com SUM UP
33.
What did we learn
• OAuth 2 authorization code flow in detail
• OAuth 2 FE SPA / SSR
• Endpoints and logic
• Scopes and authorization
• Sign-in and registration
34.
References
• https://oauth.net/ - open-source website maintained by Aaron Parecki
• https://www.oauth.com/ - OAuth 2.0 Simplified (Written by Aaron Parecki)
• https://jwt.io/ - debugger / book
• https://openid.net/connect/ - consolidated data about OIDC
• https://oidcdebugger.com/ - OIDC debugger
• https://portswigger.net/web-security/oauth/preventing - OAuth vulnerabilities
• https://datatracker.ietf.org/doc/html/draft-ietf-oauth-security-topics - OAuth spec: Security Best Practices
35.
Inspired by OAuth 2.0 Simplified (https://oauth2simplified.com/)
OAuth 2.0 Simplified is a guide to building an OAuth 2.0 server. Through high-level overviews, step-by-step instructions, and real-world examples, you will learn how to take advantage of the OAuth 2.0 framework while building a secure API.
36.
THANK YOU!
37.
This presentation contains information that may be privileged or confidential and is the property of the Capgemini Group. Copyright © 2021 Capgemini. All rights reserved.

About Capgemini Engineering

Capgemini Engineering combines, under one brand, a unique set of strengths from across the Capgemini Group: the world leading engineering and R&D services of Altran – acquired by Capgemini in 2020 - and Capgemini’s digital manufacturing expertise. With broad industry knowledge and cutting-edge technologies in digital and software, Capgemini Engineering supports the convergence of the physical and digital worlds. Combined with the capabilities of the rest of the Group, it helps clients to accelerate their journey towards Intelligent Industry. Capgemini Engineering has more than 52,000 engineer and scientist team members in over 30 countries across sectors including aeronautics, automotive, railways, communications, energy, life sciences, semiconductors, software & internet, space & defence, and consumer products.

Capgemini Engineering is an integral part of the Capgemini Group, a global leader in partnering with companies to transform and manage their business by harnessing the power of technology. The Group is guided every day by its purpose of unleashing human energy through technology for an inclusive and sustainable future. It is a responsible and diverse organization of 270,000 team members in nearly 50 countries. With its strong 50-year heritage and deep industry expertise, Capgemini is trusted by its clients to address the entire breadth of their business needs, from strategy and design to operations, fueled by the fast evolving and innovative world of cloud, data, AI, connectivity, software, digital engineering and platforms. The Group reported in 2020 global revenues of €16 billion.

Get the Future You Want | www.capgemini.com/capgemini-engineering