Robert Lemke, profile picture
Uploaded byRobert Lemke
PDF, PPTX133 views

OpenID Connect with Neos and Flow

The document discusses OpenID Connect, an authentication framework based on OAuth 2.0, highlighting its processes for verifying identity and permissions. It provides examples of JWTs (JSON Web Tokens) used in this authentication method and outlines the structure of tokens, including headers and payloads. Additionally, it emphasizes the importance of scopes and roles in user authentication and application integration.

Embed presentation

Download as PDF, PPTX
OpenID Connect with Neos and Flow by Robert Lemke
Robert Lemke Flownative Managing Partner Neos Project Founder robert@flownative.com @robertlemke
OpenID Connect is an authentication framework based on OAuth 2.0
Authentication confirm an entity's identity
Authorization verify an entity's permissions
Authentication & Authorization
Identity Provider
Identity Token as a JSON Web Token
# JWT example eyJraWQiOiJkZmViZTVlNy00MjMyLTQ0NjQtOGYyZS0xNTE 2ODFhMGQxNzMiLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1Ni J9.eyJpc3MiOiJodHRwczovL2lkLmV4YW1wbGUuY29tIiwi YXVkIjoiQCFEREQ1LjM3MEQuODU0Ny5GRkQ5ITAwMDEhQTF DOS45MkMxITAwMDghMTNEQi41NEQ4LjY1REUuMjc2MSIsIm V4cCI6MTU1OTIwNTU2MCwiaWF0IjoxNTU5MjAxOTYwLCJhd XRoX3RpbWUiOjE1NTkyMDE5NTksImF0X2hhc2giOiJfU1BH dHM1OUlTbFdNSHhzMmEwM3N3Iiwib3hPcGVuSURDb25uZWN 0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIj oiVVdBWWZ6em1jYU5BWnlfQzhhOFVvVXhNbWhUMUlsY0tsW Ec4VG5Xa3lJTSJ9.VsOdosHuRWVaoacWG1CNJl0IZrHH- HbFTCZDcQDtFPSma13sHO- C69tm_HTjHX5DnMX6B_lDCgu3A8AsSZIQEG71z_Mnd2uxHo UrKUtHr8iM9bhpPKMnaXx9jr0O1EtKAJDLkz4qdzNunyOU7 Ud94Lc8YxIjf7FZH_-jJc0UqFyFKY2rdEiZQVATNG94F-
# JWT example eyJraWQiOiJkZmViZTVlNy00MjMyLTQ0NjQtOGYyZS0xNTE 2ODFhMGQxNzMiLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1Ni J9.eyJpc3MiOiJodHRwczovL2lkLmV4YW1wbGUuY29tIiwi YXVkIjoiQCFEREQ1LjM3MEQuODU0Ny5GRkQ5ITAwMDEhQTF DOS45MkMxITAwMDghMTNEQi41NEQ4LjY1REUuMjc2MSIsIm V4cCI6MTU1OTIwNTU2MCwiaWF0IjoxNTU5MjAxOTYwLCJhd XRoX3RpbWUiOjE1NTkyMDE5NTksImF0X2hhc2giOiJfU1BH dHM1OUlTbFdNSHhzMmEwM3N3Iiwib3hPcGVuSURDb25uZWN 0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIj oiVVdBWWZ6em1jYU5BWnlfQzhhOFVvVXhNbWhUMUlsY0tsW Ec4VG5Xa3lJTSJ9.VsOdosHuRWVaoacWG1CNJl0IZrHH- HbFTCZDcQDtFPSma13sHO- C69tm_HTjHX5DnMX6B_lDCgu3A8AsSZIQEG71z_Mnd2uxHo UrKUtHr8iM9bhpPKMnaXx9jr0O1EtKAJDLkz4qdzNunyOU7 Ud94Lc8YxIjf7FZH_-jJc0UqFyFKY2rdEiZQVATNG94F- header payload signature
# JWT example {"kid":"dfebe5e7-4232-4464-8f2e-151681a0d173"," typ":"JWT","alg":"RS256"} {"iss":"https://id.example.com","aud":"@! DDD5.370D.8547.FFD9!0001!A1C9.92C1!0008! 13DB.54D8.65DE.2761","exp":1559205560,"iat":155 9201960,"auth_time":1559201959,"at_hash":"_SPGt s59ISlWMHxs2a03sw","oxOpenIDConnectVersion":"op enidconnect-1.0","sub":"UWAYfzzmcaNAZy_C8a8UoUx MmhT1IlcKlXG8TnWkyIM"} VÝ???EeZ??P?&]f???v?L&Cq???k]????f?t?~C????C ??,I?n???'wk??+)KG?Ȍ??i<?'i|}???KJ?˓>*w3n?#?? G}?<c#?Y??%???)??tH?AP4ox?X+?Y?n;L"??T?? header payload signature
Scope
OIDC Discovery
Bearer Access Token
Authenticate Web Users
DEMO
Authenticate Applications
Roles from Identity Token
robert@flownative.com www.flownative.com @robertlemke

More Related Content

PPTX
Monero Presentation by Justin Ehrenhofer - Zagreb, Croatia 2017
byJustin Ehrenhofer
 
PDF
OpenID Connect Explained
byVladimir Dzhuvinov
 
PDF
OAuth 2.0 and OpenID Connect
byJacob Combs
 
PPTX
OpenID Connect - a simple[sic] single sign-on & identity layer on top of OAut...
byBrian Campbell
 
PDF
AllTheTalks.Online 2020: "Basics of OAuth 2.0 and OpenID Connect"
byAndreas Falk
 
PDF
OpenID Connect "101" Introduction -- October 23, 2018
byOpenIDFoundation
 
PDF
OpenID Connect primer
bynob f
 
PPTX
Identity, authentication and authorization
byMithun Shanbhag
 
Monero Presentation by Justin Ehrenhofer - Zagreb, Croatia 2017
byJustin Ehrenhofer
 
OpenID Connect Explained
byVladimir Dzhuvinov
 
OAuth 2.0 and OpenID Connect
byJacob Combs
 
OpenID Connect - a simple[sic] single sign-on & identity layer on top of OAut...
byBrian Campbell
 
AllTheTalks.Online 2020: "Basics of OAuth 2.0 and OpenID Connect"
byAndreas Falk
 
OpenID Connect "101" Introduction -- October 23, 2018
byOpenIDFoundation
 
OpenID Connect primer
bynob f
 
Identity, authentication and authorization
byMithun Shanbhag
 

Similar to OpenID Connect with Neos and Flow

PDF
2019 - Tech Talk DC - Token-based security for web applications using OAuth2 ...
byVladimir Bychkov
 
PPTX
Intro to OAuth2 and OpenID Connect
byLiamWadman
 
PPTX
Securing your apps with OAuth2 and OpenID Connect - Roland Guijt - Codemotion...
byCodemotion
 
PDF
Introducing OpenID 1.0 Protocol: Security and Performance
byAmin Saqi
 
PDF
Full stack security
byDPC Consulting Ltd
 
PDF
Comment ça marche: OpenID Connect fournisseur d’identité universel de Google ...
byLeonard Moustacchis
 
PDF
OpenID Foundation Workshop at EIC 2018 - OpenID Connect Working Group Update
byMikeLeszcz
 
PDF
OpenID Connect - An Emperor or Just New Cloths?
byOliver Pfaff
 
PDF
CIS13: Introduction to OpenID Connect
byCloudIDSummit
 
PDF
Introduction to OpenID Connect
byNat Sakimura
 
PDF
Secure your APIs using OAuth 2 and OpenID Connect
byNordic APIs
 
PDF
Applications and deployment patterns of o auth and open id connect
byKavindu Dodanduwa
 
PPTX
OAuth2 & OpenID Connect
byMarcin Wolnik
 
PDF
Access Management for Cloud and Mobile
byForgeRock
 
PPTX
Wso2 is integration with .net core
byIsmaeel Enjreny
 
PPTX
OpenID Connect
byFarasath Ahamed
 
PDF
CIS14: Working with OAuth and OpenID Connect
byCloudIDSummit
 
PDF
JDD2015: Security in the era of modern applications and services - Bolesław D...
byPROIDEA
 
PPTX
OAuth2 and OpenID with Spring Boot
byGeert Pante
 
PDF
Securing .NET Core, ASP.NET Core applications
byNETUserGroupBern
 
2019 - Tech Talk DC - Token-based security for web applications using OAuth2 ...
byVladimir Bychkov
 
Intro to OAuth2 and OpenID Connect
byLiamWadman
 
Securing your apps with OAuth2 and OpenID Connect - Roland Guijt - Codemotion...
byCodemotion
 
Introducing OpenID 1.0 Protocol: Security and Performance
byAmin Saqi
 
Full stack security
byDPC Consulting Ltd
 
Comment ça marche: OpenID Connect fournisseur d’identité universel de Google ...
byLeonard Moustacchis
 
OpenID Foundation Workshop at EIC 2018 - OpenID Connect Working Group Update
byMikeLeszcz
 
OpenID Connect - An Emperor or Just New Cloths?
byOliver Pfaff
 
CIS13: Introduction to OpenID Connect
byCloudIDSummit
 
Introduction to OpenID Connect
byNat Sakimura
 
Secure your APIs using OAuth 2 and OpenID Connect
byNordic APIs
 
Applications and deployment patterns of o auth and open id connect
byKavindu Dodanduwa
 
OAuth2 & OpenID Connect
byMarcin Wolnik
 
Access Management for Cloud and Mobile
byForgeRock
 
Wso2 is integration with .net core
byIsmaeel Enjreny
 
OpenID Connect
byFarasath Ahamed
 
CIS14: Working with OAuth and OpenID Connect
byCloudIDSummit
 
JDD2015: Security in the era of modern applications and services - Bolesław D...
byPROIDEA
 
OAuth2 and OpenID with Spring Boot
byGeert Pante
 
Securing .NET Core, ASP.NET Core applications
byNETUserGroupBern
 

More from Robert Lemke

PDF
Neos Content Repository – Git for content
byRobert Lemke
 
PDF
A General Purpose Docker Image for PHP
byRobert Lemke
 
PDF
Scaleable PHP Applications in Kubernetes
byRobert Lemke
 
PDF
Flownative Beach - Neos Meetup Hamburg 2022
byRobert Lemke
 
PDF
GitOps with Flux - IPC Munich 2022
byRobert Lemke
 
PDF
Neos Conference 2019 Keynote
byRobert Lemke
 
PDF
A practical introduction to Kubernetes (IPC 2018)
byRobert Lemke
 
PDF
Neos Conference 2018 Welcome Keynote
byRobert Lemke
 
PDF
A practical introduction to Event Sourcing and CQRS
byRobert Lemke
 
PDF
Neos Conference 2017 Welcome Keynote
byRobert Lemke
 
PDF
IPC16: A Practical Introduction to Kubernetes
byRobert Lemke
 
PDF
IPC 2016: Content Strategy for Developers
byRobert Lemke
 
PDF
Docker in Production - IPC 2016
byRobert Lemke
 
PDF
Is this Open Source Thing Really Worth it? (IPC 2016 Berlin)
byRobert Lemke
 
PDF
The Neos Brand (Inspiring Conference 2016)
byRobert Lemke
 
PDF
Neos - past, present, future (Inspiring Conference 2016)
byRobert Lemke
 
PDF
Meet Neos Nürnberg 2016: Ja ich will!
byRobert Lemke
 
PDF
Meet Neos Nürnberg 2016: Hallo Neos!
byRobert Lemke
 
PDF
Turning Neos inside out / React.js HH
byRobert Lemke
 
PDF
Docker in Production - IPC 15 München
byRobert Lemke
 
Neos Content Repository – Git for content
byRobert Lemke
 
A General Purpose Docker Image for PHP
byRobert Lemke
 
Scaleable PHP Applications in Kubernetes
byRobert Lemke
 
Flownative Beach - Neos Meetup Hamburg 2022
byRobert Lemke
 
GitOps with Flux - IPC Munich 2022
byRobert Lemke
 
Neos Conference 2019 Keynote
byRobert Lemke
 
A practical introduction to Kubernetes (IPC 2018)
byRobert Lemke
 
Neos Conference 2018 Welcome Keynote
byRobert Lemke
 
A practical introduction to Event Sourcing and CQRS
byRobert Lemke
 
Neos Conference 2017 Welcome Keynote
byRobert Lemke
 
IPC16: A Practical Introduction to Kubernetes
byRobert Lemke
 
IPC 2016: Content Strategy for Developers
byRobert Lemke
 
Docker in Production - IPC 2016
byRobert Lemke
 
Is this Open Source Thing Really Worth it? (IPC 2016 Berlin)
byRobert Lemke
 
The Neos Brand (Inspiring Conference 2016)
byRobert Lemke
 
Neos - past, present, future (Inspiring Conference 2016)
byRobert Lemke
 
Meet Neos Nürnberg 2016: Ja ich will!
byRobert Lemke
 
Meet Neos Nürnberg 2016: Hallo Neos!
byRobert Lemke
 
Turning Neos inside out / React.js HH
byRobert Lemke
 
Docker in Production - IPC 15 München
byRobert Lemke
 

Recently uploaded

PDF
Python Automation in Action: Real-World Use Cases and Practical Implementation
byDenys Smirnov
 
PDF
Odoo Implementation Checklist: A Strategic ERP Blueprint for Business-Ready D...
byBANIBRO IT SOLUTION
 
PPTX
apidays Paris 2025 | Integration is Feminist: Building Peace in Distributed S...
byapidays
 
PPTX
Automation Without Apprentices: How AI Challenges the Open Source Way
byIcinga
 
PDF
Self-Correction Failure Diagnostic: Detecting Drift in Complex Systems
bySystems Research Group
 
PDF
Writing GPU-Ready AI Models in Pure Java with Babylon
byAna-Maria Mihalceanu
 
PPTX
TravelTech Paris 2025 | Beyond the pipes: Why Channel Management isn’t really...
byapidays
 
PDF
Chapter 5 Security Mechanisms iin computer security.pdf
byGetnet Tigabie Askale -(GM)
 
PPTX
Tech Trends 2026: AI Agents, Quantum Computing, Robotics & Cybersecurity
byridwansassman
 
PDF
Oracle Cloud Infrastructure 2025 Architect Professional (1Z0-1127-25) Master ...
byExamCert App
 
PDF
February 2026 Patch Tuesday hosted by Chris Goettl and Todd Schell
byIvanti
 
PDF
Traditional-Security-Models-No-Longer-Work.pptx (1).pdf
byOhhproJunction
 
PDF
Post Quantum Cryptography for Dummies.pdf
byAde Ismail Isnan
 
PPTX
PPTX game guess the logo with a twistppt
byAdrianAnig
 
PDF
The new book “Marketing in the Metaverse” spotlights Scott M. Graffius’ research
byScott M. Graffius
 
PDF
Session 1/5: Enhancing Automation with Screenplay & Business Rules
bysuhanisingh58689
 
PDF
UiPath Automation Developer Associate Training Series 2026 - Session 2
byDianaGray10
 
PDF
TravelTech Paris 2025 | The EU Digital Identity Wallet and it’s impact on Tra...
byapidays
 
PDF
TrustArc Webinar - From Trends to Action: Fitting AI Governance into Privacy Ops
byTrustArc
 
PDF
shayk.online - Anonymous chat with Sinatra and WebSockets
byEleanor McHugh
 
Python Automation in Action: Real-World Use Cases and Practical Implementation
byDenys Smirnov
 
Odoo Implementation Checklist: A Strategic ERP Blueprint for Business-Ready D...
byBANIBRO IT SOLUTION
 
apidays Paris 2025 | Integration is Feminist: Building Peace in Distributed S...
byapidays
 
Automation Without Apprentices: How AI Challenges the Open Source Way
byIcinga
 
Self-Correction Failure Diagnostic: Detecting Drift in Complex Systems
bySystems Research Group
 
Writing GPU-Ready AI Models in Pure Java with Babylon
byAna-Maria Mihalceanu
 
TravelTech Paris 2025 | Beyond the pipes: Why Channel Management isn’t really...
byapidays
 
Chapter 5 Security Mechanisms iin computer security.pdf
byGetnet Tigabie Askale -(GM)
 
Tech Trends 2026: AI Agents, Quantum Computing, Robotics & Cybersecurity
byridwansassman
 
Oracle Cloud Infrastructure 2025 Architect Professional (1Z0-1127-25) Master ...
byExamCert App
 
February 2026 Patch Tuesday hosted by Chris Goettl and Todd Schell
byIvanti
 
Traditional-Security-Models-No-Longer-Work.pptx (1).pdf
byOhhproJunction
 
Post Quantum Cryptography for Dummies.pdf
byAde Ismail Isnan
 
PPTX game guess the logo with a twistppt
byAdrianAnig
 
The new book “Marketing in the Metaverse” spotlights Scott M. Graffius’ research
byScott M. Graffius
 
Session 1/5: Enhancing Automation with Screenplay & Business Rules
bysuhanisingh58689
 
UiPath Automation Developer Associate Training Series 2026 - Session 2
byDianaGray10
 
TravelTech Paris 2025 | The EU Digital Identity Wallet and it’s impact on Tra...
byapidays
 
TrustArc Webinar - From Trends to Action: Fitting AI Governance into Privacy Ops
byTrustArc
 
shayk.online - Anonymous chat with Sinatra and WebSockets
byEleanor McHugh
 

OpenID Connect with Neos and Flow