The Introduction to OAuth 2 training course is designed to demonstrate aspects of OAuth 2.
The course begins with an analysis of the OAuth 2 protocol itself and includes a hands-on laboratory where developers will build a complete OAuth ecosystem from scratch, including the client, authorization server, and protected resource. Next, it explores the variety of OAuth flows and how to choose between them. The course concludes with a hands-on JWT creation and parsing as well as implementation of OpenID Connect on top of the OAuth 2 system from the previous day.
Purpose
|
Learn how to build advanced web security with OAuth. |
Audience
|
Developers of protected APIs or clients of those APIs, security architects. |
Role
| Business Analyst - Software Developer - System Administrator - Technical Manager - Web Developer |
Skill Level
| Intermediate |
Style
| Hack-a-thon - Learning Spikes - Workshops |
Duration
| 2 Days |
Related Technologies
| Web Development | Secure Coding Training | Cybersecurity |
Productivity Objectives
- Examine OAuth 2 protocol flows
- Interpret a deep understanding of the authorization code flow
- Determine when to use which OAuth flow
- Identify what OAuth doesn't cover
- Deduce how OpenID Connect is built on top of OAuth
- Illustrate a familiarity with advanced topics including introspection, revocation, registration, discovery, User Managed Access (UMA), and Post Office Protocol (PoP)
