OAuth - the good Parts - Anders Abel - NDC Security 2023

Поделиться
HTML-код
  • Опубликовано: 26 авг 2024
  • OAuth has been around for more than 10 years now, and has become the standard protocol for token-based security. Like every popular technology that has been growing with its requirements, there are some things which work really well, and some that did not quite stand the test of time.
    This talk looks at the essentials you should know about, if you would enter the OAuth ecosystem today. Which protocol flows and extensions should you study, which “dialects” like OpenID Connect are important, and if you decide to dive deeper, what would that “recommended reading” list look like?
    Check out our new channel:
    NDC Clips:
    ​‪@ndcclips‬
    Check out more of our featured speakers and talks at
    ndcconferences...
    ndc-security.com/
  • НаукаНаука

Комментарии • 2

  •  Год назад +1

    Great talk. One thing that was unclear was where are the refresh tokens stored. In local storage or in the cookie.

  • @vrjb100
    @vrjb100 Год назад

    Oauth is a perfect demonstration on how software architects live in a different world than developers.
    It would be handy when architects stick to the same terms as developers do, call them roles, not scopes.
    In a company the user is not the owner of the data, so the concept of resource owner is wrong and no concept of consent is applicable

Следующие
Автовоспроизведение
Improving the Chances of Success in Secure Software Development - Daniela Cruzes & Espen A. Johansen59:42Improving the Chances of Success in Secure Software Development - Daniela Cruzes & Espen A. Johansen
Improving the Chances of Success in Secure Software Development - Daniela Cruzes & Espen A. JohansenNDC Conferences
Просмотров 505
The Hows and Whys of Running our own OpenID Connect Identity Provider - Roland Guijt - NDC Oslo 202147:42The Hows and Whys of Running our own OpenID Connect Identity Provider - Roland Guijt - NDC Oslo 2021
The Hows and Whys of Running our own OpenID Connect Identity Provider - Roland Guijt - NDC Oslo 2021NDC Conferences
Просмотров 2,3 тыс.
OAuth - the good Parts - Anders Abel - NDC Oslo 202257:06OAuth – the good Parts - Anders Abel - NDC Oslo 2022
OAuth - the good Parts - Anders Abel - NDC Oslo 2022NDC Conferences
Просмотров 1,1 тыс.
AMP EXTREME WIPEOUT WITH MRBEAST25:17AMP EXTREME WIPEOUT WITH MRBEAST
AMP EXTREME WIPEOUT WITH MRBEASTAMP
Просмотров 6 млн
Criminal charges possible in sinking of superyacht | FOX 13 Seattle01:46Criminal charges possible in sinking of superyacht | FOX 13 Seattle
Criminal charges possible in sinking of superyacht | FOX 13 SeattleFOX 13 Seattle
Просмотров 626 тыс.
YTB Fatt - Free Bank (Official Music Video)02:41YTB Fatt - Free Bank (Official Music Video)
YTB Fatt - Free Bank (Official Music Video)YTB Fatt
Просмотров 302 тыс.
Buffs & Nerfs | SpongeBob Power-Ups | Skin Animations | Update Info!33:57Buffs & Nerfs | SpongeBob Power-Ups | Skin Animations | Update Info!
Buffs & Nerfs | SpongeBob Power-Ups | Skin Animations | Update Info!KairosTime Gaming
Просмотров 538 тыс.
SEVEN things about API security - Philippe De Ryck - NDC Oslo 202455:36SEVEN things about API security - Philippe De Ryck - NDC Oslo 2024
SEVEN things about API security - Philippe De Ryck - NDC Oslo 2024NDC Conferences
Просмотров 5 тыс.
Clean Architecture with NET 854:38Clean Architecture with NET 8
Clean Architecture with NET 8NimblePros
Просмотров 3,1 тыс.
How to add genuinely useful AI to your webapp (not just chatbots) - Steve Sanderson58:37How to add genuinely useful AI to your webapp (not just chatbots) - Steve Sanderson
How to add genuinely useful AI to your webapp (not just chatbots) - Steve SandersonNDC Conferences
Просмотров 14 тыс.
Modularizing the Monolith - Jimmy Bogard - NDC Oslo 202456:44Modularizing the Monolith - Jimmy Bogard - NDC Oslo 2024
Modularizing the Monolith - Jimmy Bogard - NDC Oslo 2024NDC Conferences
Просмотров 10 тыс.
Design more decoupled services with one weird trick - Udi Dahan - NDC Oslo 202458:25Design more decoupled services with one weird trick - Udi Dahan - NDC Oslo 2024
Design more decoupled services with one weird trick - Udi Dahan - NDC Oslo 2024NDC Conferences
Просмотров 10 тыс.
Messaging: The fine line between awesome and awful - Laila Bougria - NDC Oslo 20241:01:24Messaging: The fine line between awesome and awful - Laila Bougria - NDC Oslo 2024
Messaging: The fine line between awesome and awful - Laila Bougria - NDC Oslo 2024NDC Conferences
Просмотров 4,5 тыс.
Turbocharged: Writing High-Performance C# and .NET Code - Steve Gordon - NDC Oslo 20241:03:04Turbocharged: Writing High-Performance C# and .NET Code - Steve Gordon - NDC Oslo 2024
Turbocharged: Writing High-Performance C# and .NET Code - Steve Gordon - NDC Oslo 2024NDC Conferences
Просмотров 27 тыс.
How to fall in love with TDD - Gui Ferreira - NDC Oslo 202453:06How to fall in love with TDD - Gui Ferreira - NDC Oslo 2024
How to fall in love with TDD - Gui Ferreira - NDC Oslo 2024NDC Conferences
Просмотров 4 тыс.
IPhone vs Samsung challenge #iphone #iphonevssamsung #samsungvsiphone #techcrazyman00:39IPhone vs Samsung challenge #iphone #iphonevssamsung #samsungvsiphone #techcrazyman
IPhone vs Samsung challenge #iphone #iphonevssamsung #samsungvsiphone #techcrazymanTech Crazy Man
Просмотров 9 млн
Проблемный ноутбук за 300к00:57Проблемный ноутбук за 300к
Проблемный ноутбук за 300кFosters PC
Просмотров 167 тыс.
Блокировка Telegram и WhatsApp, два экрана в MacBook, видеокарта от ARM. Главные новости технологий!13:51Блокировка Telegram и WhatsApp, два экрана в MacBook, видеокарта от ARM. Главные новости технологий!
Блокировка Telegram и WhatsApp, два экрана в MacBook, видеокарта от ARM. Главные новости технологий!BIG GEEK
Просмотров 35 тыс.
Какую LED лампу поставить в авто? Ищем светодиодную лампу с самым высоким кпд!23:12Какую LED лампу поставить в авто? Ищем светодиодную лампу с самым высоким кпд!
Какую LED лампу поставить в авто? Ищем светодиодную лампу с самым высоким кпд!TEST LAB
Просмотров 31 тыс.
Благосборка для Николая, которую он хочет вернуть!25:02Благосборка для Николая, которую он хочет вернуть!
Благосборка для Николая, которую он хочет вернуть!Daniil Gerasimov
Просмотров 31 тыс.
iPhone 15 Plus на Изгибе00:59iPhone 15 Plus на Изгибе
iPhone 15 Plus на ИзгибеSergey Delaisy
Просмотров 165 тыс.
ПОЛЬЗОВАЛСЯ ANDROID ПОСЛЕ АЙФОНА ЧТО СО МНОЙ СТАЛО?12:57ПОЛЬЗОВАЛСЯ ANDROID ПОСЛЕ АЙФОНА ЧТО СО МНОЙ СТАЛО?
ПОЛЬЗОВАЛСЯ ANDROID ПОСЛЕ АЙФОНА ЧТО СО МНОЙ СТАЛО?EVG
Просмотров 46 тыс.
MSI GAMING BLACK SCREEN / STUCK ON BOOT LED01:00MSI GAMING BLACK SCREEN / STUCK ON BOOT LED
MSI GAMING BLACK SCREEN / STUCK ON BOOT LEDF1 LAB
Просмотров 5 млн