OpenID Connect is the de facto standard we should use for handling authentication and authorization in modern applications. However, it can still be complex and confusing, with its many concepts: scopes, claims, flows, resources, and tokens.
In this course, you will learn the following:
Authentication vs. authorization
How OAuth 2.x and OpenID Connect work
Fundamental concepts
How a client authenticates against an authorization server
How to retrieve and consume JWT tokens
How OpenID Connect fits into your architecture
How the tokens are secured and managed
This course includes many hands-on exercises that will help you understand how the protocol works under the hood, so you can get the best from it.
In this course, we will cover the following:
Authentication vs. Authorization
Our challenges
OAuth versions
OAuth vs. OpenID Connect
Towards OpenID Connect
Reference tokens
Bearer tokens
Token Service
Authorization Server
Relying party
ID token
Access token
Authentication architecture
Token endpoints
Discovery document
Implicit flow
How does this flow work
Why it is no longer a recommended flow
JWT tokens
ID token
JSON Web Tokens
JWT access tokens
Claims and scopes
What are claims?
Claim types
User consent
Securing the token
Unsecured tokens
Signed tokens
Signature algorithms
Private/public keys
Encrypted tokens
Authorization Code Flow
Public vs. private clients
Front vs. back-channel
Client Credentials flow
Refresh tokens
And much more…
After this course
After this course, we recommend you look at the following related courses:
Securing ASP.NET using OpenID Connect and IdentityServer
IdentityServer in Production
Informator is the training company that strengthens your competitiveness by maintaining, updating and adding relevant knowledge in IT and management, where and when you need it. We have grown together with the leading companies in the Swedish software industry and have trained developers, engineers, project managers and managers since...