OAuth and OIDC Explained... (they are SIMPLER than you THINK)


OAuth 2.0 is an authorization framework that enables a third-party application to obtain limited access to an HTTP service. The application might request access on its own behalf or on behalf of a user.

In this video we cover its most important concepts:
Roles
Authorization Grants
Access Token
Refresh Token

OAuth defines four roles.
Resource Owner
Resource Server
Client
Authorization Server

To understand this better let’s consider an actual scenario. Imagine we own a Strava account. Strava is a social media platform focused on sports where athletes can share their workouts, engage in challenges and motivate each other. Data such as our name, date of birth, weight, list of connections and workouts are resources that belong to us. We are the resource owners, while Strava is the resource server.

Now, we have Runalyze, a third-party application, known as the client, that wants to gain access to some data in our Strava account. What set of credentials should the client application use?

Would you give the third-party application your own credentials? Obviously not!

OAuth 2.0 solves this issue by introducing a fourth role: the authorization server. Its goal is to act as an intermediary between us and the client application requesting access to our data.

In this setup, the client application and the resource owner have their own distinct credentials to identify themselves. We have our username and password, while the application has a client ID and client secret. However, the target API cannot be accessed with either of these credentials. The resource server API accepts only special access tokens that are created and signed by the authorization server.
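As an added illustration (not code from the video), here is how a resource server might enforce that last rule: it accepts only a bearer token whose signature, issuer, audience, expiry and scope check out, and refuses user or client credentials presented directly. It assumes the access token is a JWT signed with HS256 using a key shared with the authorization server; the key, issuer, audience and scope names are constructed demo values.

```python
import base64, hashlib, hmac, json, time

# Constructed demo values (hypothetical): an HS256 key shared between the authorization
# server and the resource server, plus the issuer and audience this API expects.
SIGNING_KEY = b"demo-shared-secret-not-for-production"
ISSUER = "https://auth.example"
AUDIENCE = "https://api.example/v1"

def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def issue_access_token(claims: dict) -> str:
    """Authorization server: mint a compact JWS (HS256) over the claims."""
    header = _b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = _b64url(json.dumps(claims).encode())
    sig = hmac.new(SIGNING_KEY, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    return f"{header}.{payload}.{_b64url(sig)}"

def validate_access_token(token: str, required_scope: str, now=None):
    """Resource server: return the claims if the token is ours and still valid, else None."""
    now = time.time() if now is None else now
    try:
        header_b64, payload_b64, sig_b64 = token.split(".")  # ValueError if not 3 parts
        if json.loads(_b64url_decode(header_b64)).get("alg") != "HS256":
            return None  # refuse "none" or any algorithm we did not agree on
        expected = hmac.new(SIGNING_KEY, f"{header_b64}.{payload_b64}".encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, _b64url_decode(sig_b64)):
            return None  # signature was not produced by the authorization server
        claims = json.loads(_b64url_decode(payload_b64))
    except (ValueError, TypeError, AttributeError):
        return None
    if claims.get("iss") != ISSUER or claims.get("aud") != AUDIENCE:
        return None  # issued by someone else, or for a different API
    if not isinstance(claims.get("exp"), (int, float)) or claims["exp"] <= now:
        return None  # expired: the client must obtain a new token (e.g. via refresh token)
    if required_scope not in claims.get("scope", "").split():
        return None  # token is genuine but was never granted this permission
    return claims

def authorize_request(authorization_header: str, required_scope: str, now=None):
    """Only 'Bearer <access token>' is accepted; credentials sent directly (HTTP Basic) are refused."""
    scheme, _, credential = authorization_header.partition(" ")
    if scheme != "Bearer" or not credential:
        return None
    return validate_access_token(credential, required_scope, now)
```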

Although OAuth 2.0 was written as an authorization framework, it is obvious that the authorization server needs to authenticate both resource owners and client applications. However, the protocol does not describe how to exchange identity information between the authorization server and the third-party client application. OpenID Connect 1.0 (OIDC) fills this gap by adding a well-defined identity layer on top of OAuth 2.0.

In a nutshell, this additional identity layer consists of two new concepts:
The ID token
The UserInfo endpoint

There are some other important RFCs that need to be taken into consideration if we want to understand all the security nuances of OAuth and OIDC:

https://datatracker.ietf.org/doc/html...
https://datatracker.ietf.org/doc/html...
https://datatracker.ietf.org/doc/html...
https://datatracker.ietf.org/doc/html...
https://datatracker.ietf.org/doc/html...
https://datatracker.ietf.org/doc/html...
https://datatracker.ietf.org/doc/html...
https://datatracker.ietf.org/doc/html...

-------------------------------
Connect with me:
LinkedIn: marcolenzo
Twitter: marco_lenzo

Thanks to Niki for letting me show his Strava data during the video!!!
Instagram: niki.runs
Strava: strava


#softwaredevelopment #softwarearchitecture #oauth
