excellent video with excellent explaination. Many people still can't differentiate between oAuth and openID connect. Hopefully, they will watch this video and get themselves clarified.
Thank you! Very clear. It's good to know that there are different flows available. In fact that is what confused me (how to handle redirections in a mobile app!)
I have a question : When on first interaction with Outh server, I am not passing any parameter that identifies me. There are the 4 parameters alone listed (02:43) In that case (provided my sign in is active) how is the Oauth server able to fetch the list of logins among which I can choose my desired login? In other words, will there be a necessity to enter google uname and pwd at the first instance ?
Great explanation here, thanks. A question: At 7:48 frame, I see a code is sent to the server after which the server connects to Google and gets an access token, and a JWT token. Is it secure to send a code over the wire to the server? Or is there some kind of pre-existing handshake where in Google auth server knowns a request would come from a particular server, only after which I would release access and id tokens?
Is refresh token and access token are same. Temporary grant is clear. But most of the auth server are sharing two tokens refresh token and access token.
Great video and explanation, thanks. With the email, presumably you then check that against your db but I was wondering what happens if the user changes their email with google? Thanks
I personally havent used docker. Also, if our applications can use PAAS (platform as a service like Heroku, Cloud Foundry, App Engine) we should avoid docker/containers. They bring a lot of complexity and in coming years we will be working in serverless and not directly with docker.
Hi sir, In the video at 5.30 exactly in the screen at right bottom which the rectangle box named as `server` and here its a google contact server or a service provider server of our own application? please clarify it. thank you
Thanks for great info. One doubt, In open is connect server is sending code in url and this code is used by the client . Isn’t it insecure. How it works as there is no access token in open id connect
Just wanted to say this is one of the best educational channels for software developers and its really sad you stopped making videos :(
yes...I wish he continues making videos
One of the best videos found to explain this, especially because you include the differences in parameters used. Thanks
Simple and straight to the concept. You're one of my best teacher! Thank you for making such a great video!
I am very confused before watching this vdo, you cleared my confusion. Awesome explanation. Thanks a lot.
no user configuration required is always hard to understand
Thumbs up for this video before 2mints, you explained very well with examples of our day-by-day. That is what i was looking forn
It's the simplest and most descriptive tutorial about oauth 2.0 I've ever seen. Thank you a lot.
simple and straight to point example on oauth2.0 and OpenId Connect. Excellent
God bless you I have saw like 20 videos and no one was able to explain crearly the concept of OpenId and Oauth 2.0 as you did.
This is one of the best explanations ever.. awesome mate!.
This is one of the best videos I have seen on this topic! Thank you so much
The best explanation for oauth and oidc I have found.
Crisp explanation to the point, love your succinct explanation and your presentations
Your voice and the way of teaching with slides and example are superb, clarity is impressive, thanks
Extremely clear explanation !!! Awesome work bro !!
Explanations are so clear, thanks!
Very well explained 👌
Loved the content. Really helped me understand OAuth 2
Well explained. 3 in 1 !! Thanks for this.
excellent video with excellent explaination. Many people still can't differentiate between oAuth and openID connect. Hopefully, they will watch this video and get themselves clarified.
This literally cleared my confusion. Thanks a lot.
Excellent explanation.
I am newbie on this topic and still I understood most part of it. Brilliant
Very lucid and to the point.
superb explanation
Thank you so much for the very simple explanation for the complex workflow!
nice explanation
Very well described.
Good Explanation. Thank you.
Thanks so much for creating this video and sharing it. This was very helpful in my undderstanding of SSO and in particular Oauth and OIC. THANKS!!!
VErrrrrrrrrrrrryyyyyyyy Good explanation.. no one did like you did.. for my CISSP exam prep..kUDOS'
I saw a lot of video. I mean a lot and able to understand after watching this.
Nicely explained
What a clear concept that you have .........Thanks Sir for sharing your knowledge with others...... awesome way to elaborate
Probably one of the best explanation of these complex concepts. Good Job !
Niceeeeeee thank you for this clear explanation!
best explanation in the web about the subject.
very well explained .. Keep up the good work
Good explanation.
Great explanation. Upto the point
Awesome 👏 short and exact 😀
Awesome video. Short and simple! Just needed to understand the basics of the protocol instead of watching an hour with more details. :)
Concise and Clear content
Clear and concise. Love it!
Thank you!🙂
Clean and simple. I love it!
Thanks for your work! Very good explanation
Super explanation
Superb :) You are the best
Awesome video 👌, keep making more. Subscribed
Excellent video. Thank you
Well done explanation, thank you
Thank you for this clear and up to the point explaination. :)
Thanks! Nice info.
Second half is cool ,,😊
Thanks for the explanation man
Mashallah, very good quality work.
Brother this is some good knowledge 😁
Wow. Nice explanation. I understand very clearly.
This video has demystified the concept for me. Thanks :)
Awesome video. Straight to the point!
thank for you knowledge
Perfectly explained, thank you.
Thank you! Very clear. It's good to know that there are different flows available. In fact that is what confused me (how to handle redirections in a mobile app!)
I have a question : When on first interaction with Outh server, I am not passing any parameter that identifies me. There are the 4 parameters alone listed (02:43) In that case (provided my sign in is active) how is the Oauth server able to fetch the list of logins among which I can choose my desired login? In other words, will there be a necessity to enter google uname and pwd at the first instance ?
Nice.we need you back
Nice one, clear and concise. Thank you
Damn, short and to the point. Loved it bro.:)
Thanks mate. Helpful.
Thx from Germany
Great explanation here, thanks. A question: At 7:48 frame, I see a code is sent to the server after which the server connects to Google and gets an access token, and a JWT token. Is it secure to send a code over the wire to the server? Or is there some kind of pre-existing handshake where in Google auth server knowns a request would come from a particular server, only after which I would release access and id tokens?
Brilliant explaination!!
Awesome presentation.
Thank you, to cleared things steps by steps ...
worth watching
Good one
good job, very well explained.
wow ..great explanation..
Thank you so much for information
very nice dude!
It's just so good. Thanks a lot.
Excellent sir. Please create some video on saml 2.0 and single sign on
Amazing!
Amazing
Subscribed.
Is refresh token and access token are same. Temporary grant is clear. But most of the auth server are sharing two tokens refresh token and access token.
Hi,
Can you please clarify do we get access_token in openID too?
good job buddy
Great video!!
Good stuff bro
Great video and explanation, thanks. With the email, presumably you then check that against your db but I was wondering what happens if the user changes their email with google? Thanks
Nice.
Please make a video on Docker
I personally havent used docker. Also, if our applications can use PAAS (platform as a service like Heroku, Cloud Foundry, App Engine) we should avoid docker/containers. They bring a lot of complexity and in coming years we will be working in serverless and not directly with docker.
Hi sir, In the video at 5.30 exactly in the screen at right bottom which the rectangle box named as `server` and here its a google contact server or a service provider server of our own application? please clarify it. thank you
Adding numbers to arrows to indicate the sequence of actions would have been very helpful.
Very good explaination and up to the point and cleared many concepts. Can you please make some videos related to federation flow ?
Nice.. could you please cover IDP bride
Whts the difference in this? Even using oauth 2 and openid both ways can get the user email or profile?
How do we know that the JWT we received is right one?
thanks for this great video, Can you share some resources where I can do some practice or experiment related to Oauth2?
Thanks for great info. One doubt, In open is connect server is sending code in url and this code is used by the client . Isn’t it insecure. How it works as there is no access token in open id connect
Nice one.Can u pls create spring boot app with oauth2 and explain