OAuth2: The Swiss-Army Framework
Saturday, March 14
9:30AM - 10:30AM
110 E 2nd St
OAuth2 is the predominant standard for web authorization. While OAuth1 is a protocol, OAuth2 is an authorization framework. Why the distinction? OAuth2 is used by Google, Facebook, Adobe, Salesforce, Github, and many more, for everything from web and mobile authentication to backend service calls. This session will focus on the myriad of ways OAuth2 can be used to protect APIs, and how companies are implementing OAuth2 in the real world. We will cover the basics of the specification, and its core components. We will learn about grant types and when to use each one. We will discuss the ways the framework is being extended with technologies like JWT and JWT Bearer. We will cover OpenID Connect, and how it is used instead of SAML to handle SSO and federated logins. Finally, we will discuss how OAuth2 continues to evolve going forward. You will leave with a sound understanding of the specification which secures many of today's web services.
Adobe Systems Inc
Brent Shaffer is a musician-turned-software-engineer who sometimes has trouble accepting his true nerdy self. He enjoys running, rock climbing, backpacking, mountaineering, brewing beer, fantasy no...Show the rest
Brent Shaffer is a musician-turned-software-engineer who sometimes has trouble accepting his true nerdy self. He enjoys running, rock climbing, backpacking, mountaineering, brewing beer, fantasy novels, and of course, open source. He words for Adobe Systems and resides in Salt Lake City, where he can often be found scaling rock walls in the Wasatch or summiting mountains in the Uintas. He loves open source development, and especially the Symfony2 framework.
Brent also plays acoustic guitar and sings for the Nashville folk duo More Hazards More Heroes (http://morehazards.com)Hide the rest