Web API Security | Basic Auth, OAuth, OpenID Connect, Scopes & Refresh Tokens

Автор: Ambient Coder

Загружено: 2021-03-06

Просмотров: 66700

Описание:

There is a lot that goes into securing a Web API. In this video, I discuss why the industry decided to move on from Basic Authentication and OAuth 2.0 took over as the new standard of securing Web APIs.

This video also covers how OpenID Connect works together with OAuth to solve both Authentication and Authorization.

Scopes and deciding how to use scopes in OAuth is tricky, I also cover some tips for making those decisions. Finally, I talk about refresh tokens and how they help deal with token expiry.

#WebAPIDesign #OAuth #OpenIDConnect

Web API Design Series - Episode 1 - • REST vs RPC vs GraphQL API - How do I pick...
Web API Design Series - Episode 2 - • Webhooks vs Websockets vs HTTP Streaming -...

Timecodes
0:00 - Intro
2:06 - Basic Authentication
5:05 - OAuth
10:16 - OpenID Connect
11:23 - Scopes
13:55 - Refresh Tokens

Web API Security | Basic Auth, OAuth, OpenID Connect, Scopes & Refresh Tokens

Доступные форматы для скачивания:

Скачать видео mp4

Информация по загрузке:

Скачать аудио mp3

Похожие видео

OAuth 2.0 using Auth0 | React.js and Node.js

OAuth 2.0 using Auth0 | React.js and Node.js

OAuth 2.0 and OpenID Connect (in plain English)

OAuth 2.0 and OpenID Connect (in plain English)

Webhooks, Websockets и HTTP Streaming — какой событийно-управляемый API использовать?

Webhooks, Websockets и HTTP Streaming — какой событийно-управляемый API использовать?

REST vs RPC vs GraphQL API - How do I pick the right API paradigm?

REST vs RPC vs GraphQL API - How do I pick the right API paradigm?

Разница между файлами cookie, сеансом и токенами

Разница между файлами cookie, сеансом и токенами

Kubernetes — Простым Языком на Понятном Примере

Kubernetes — Простым Языком на Понятном Примере

Feeling Good Mix - Emma Péters, Carla Morrison

Feeling Good Mix - Emma Péters, Carla Morrison

An Illustrated Guide to OAuth and OpenID Connect

An Illustrated Guide to OAuth and OpenID Connect

OAuth terminologies and flows explained - OAuth tutorial - Java Brains

OAuth terminologies and flows explained - OAuth tutorial - Java Brains

Что такое Rest API (http)? Soap? GraphQL? Websockets? RPC (gRPC, tRPC). Клиент - сервер. Вся теория

Что такое Rest API (http)? Soap? GraphQL? Websockets? RPC (gRPC, tRPC). Клиент - сервер. Вся теория

Authentication on the Web (Sessions, Cookies, JWT, localStorage, and more)

Authentication on the Web (Sessions, Cookies, JWT, localStorage, and more)

Музыка для работы - Deep Focus Mix для программирования, кодирования

Музыка для работы - Deep Focus Mix для программирования, кодирования

Web API - Explicit Versioning | URI vs Headers vs Request Params | SemVer | Sunset Headers

Web API - Explicit Versioning | URI vs Headers vs Request Params | SemVer | Sunset Headers

APIs 101: How I Secure APIs / What Does it Mean to Secure an API? Part 9

APIs 101: How I Secure APIs / What Does it Mean to Secure an API? Part 9

Web API Pagination | Offset-based vs Cursor-based

Web API Pagination | Offset-based vs Cursor-based

How to secure your Microservices with Keycloak - Thomas Darimont

How to secure your Microservices with Keycloak - Thomas Darimont

Forget about OAuth 2.0. Here comes OAuth 2.1 - Philippe De Ryck - NDC Oslo 2022

Forget about OAuth 2.0. Here comes OAuth 2.1 - Philippe De Ryck - NDC Oslo 2022

Securing Your APIs with OAuth 2.0 - API Days

Securing Your APIs with OAuth 2.0 - API Days

Comparing web API types: SOAP, REST, GraphQL and RPC

Comparing web API types: SOAP, REST, GraphQL and RPC

Изучаем OAuth 2.0: объясняем основные этапы аутентификации

Изучаем OAuth 2.0: объясняем основные этапы аутентификации