Course Outline
Introduction
- Overview of OAuth
- Understanding API security
OAuth
- Protocol endpoints
- Scope
- Authorization code for web apps
- Implicit flow for single-page apps
- Client credentials for machines
- Resource owner password credentials
- Long-lived access with refresh tokens
- Choosing the right response mode
- Simplifying OAuth with OAuth 2.1
Native Applications Best Practices
- Unique issues of native apps
- Using PKCE to handle stolen tokens
- Choosing the best redirect URI
Browser-based Application Best Practices
- The security profile of the browser-based app
- OAuth within the browser
- Avoiding OAuth with SameSite cookies
- Securing browser-based apps with backend for frontend
Extending OAuth
- OAuth and Identity with OpenID Connect
- Configuring clients with OAuth metadata
- Authorizing the IoT with the OAuth device flow
- Combining SAML and OAuth with the SAML assertion grant
- Securing Microservices with token exchange
Summary and Next Steps
Requirements
- Basic knowledge of web service and API development
Audience
- Developers
Testimonials
I genuinely benefited from the communication skills of the trainer.
Flavio Guerrieri
Loose way of driving
The delivery
- Department for Communities
Depth and breadth of the course. Trainer was excellent also.
- Department for Communities
Examples provided
- Department for Communities
Trainer's vast knowledge
FUJITSU TECHNOLOGY SOLUTIONS SP. Z O.O.