From the course: Web Security: OAuth and OpenID Connect (2019)


Making OAuth 2.0 useful with extensions


- [Instructor] Now that we've talked about the overall concept of OAuth, let's get specific about what it is at a practical everyday level. On the surface, OAuth looks complicated, but if you look just below the surface, you'll realize it's still complicated. That's because OAuth 2.0 is a framework, or a loose operating agreement, on how we're going to interact. Unlike a strict contract, it leaves many things undefined. While this is frustrating at first glance, it gives us flexibility to address new problems, technologies and use cases that the creators didn't imagine. That is powerful. There are about a dozen extensions that are useful on a day-to-day basis with OAuth. I'll cover OpenID Connect in the next video, but the ones that are relevant in general are JWT, token revocation, token introspect, Dynamic Client Registration, and authorization server metadata. Phew, that one is a mouthful. The first one we'll…
