Brilliant. There are just talks or there is a presentation driven by someone who has the vast intention and willingness to transfer knowledge. That's what we have here. Thanks Philippe.
Finally an outstanding presentation that also explain the resource server perspective. Without doubt the best Oauth-2 presentation so far I have found on youtube.
Small but important detail 41:16 he says there are only 3 flows but in reality OpenID Connect supports all OAuth 2.0 grant types including ROPC Grant and Client Credentials Grant.
In these diagrams, using the Twitter example, would "client" always refer to Buffer's back and and "resource server" always refer to Twitter's back end?
Too bad he doesn't say anything about the Authorization Code Grant with Proof Key For Code Exchange (PKCE) flow because that is now the recommended flow for public clients instead of the implicit flow. And yes this was recommended before 2018.
![[✅ BCG OFFER]: Mateo has pulled off his dream! Joining Boston Consulting Group (BCG) in Bogotá](http://i.ytimg.com/vi/C8b6HrdtLBc/mqdefault.jpg)
The best talk about OAuth and OIDC ever watched
Brilliant. There are just talks or there is a presentation driven by someone who has the vast intention and willingness to transfer knowledge. That's what we have here. Thanks Philippe.
Thank you. First talk in two weeks that has explained oidc
Man, I am glad that thing finally makes sense to me
A consolidated session. Thanks a lot Philippe and GOTO!
Thank you Philippe De Ryck for this excellent presentation!
Thank you.
By far the best session on OAuth2.0 available on youtube.
Finally an outstanding presentation that also explain the resource server perspective. Without doubt the best Oauth-2 presentation so far I have found on youtube.
I like this guy, he explain very well.
Really nice explanation on OIDC flow and what to do with the ID token
This is a really clear explanation!
The best on the topic ! Philipe rocks !
Small but important detail 41:16 he says there are only 3 flows but in reality OpenID Connect supports all OAuth 2.0 grant types including ROPC Grant and Client Credentials Grant.
In these diagrams, using the Twitter example, would "client" always refer to Buffer's back and and "resource server" always refer to Twitter's back end?
Endpoint should be /token instead of /auth at 17:26
I love GOTO; Intro
Awesome explanation thanks Philippe
Thanks
Very good explanation. Thanks you.
that's a very great explanation, man. thanks a lot.
Perfect presentation.
Outstanding presentation, thank you for sharing!
wonderful talk
Really well explained. Thank you!
Very good presentation!
Very good!
very well explained
beautiful
very well presented, thanks!
Excelent...
very helpful. thank you.
Can you give me that What is Client at 14 : 25 ?? Follow me it can Server API ?
Too bad he doesn't say anything about the Authorization Code Grant with Proof Key For Code Exchange (PKCE) flow because that is now the recommended flow for public clients instead of the implicit flow. And yes this was recommended before 2018.
Philippe De Ryck
Slides link pls
Hi there, thanks for your comment. If available the slides are linked in the video description. Here you go:
gotober.com/2018/sessions/653