Session

OAuth & OpenID Connect in Practice

This workshop will introduce you to the concepts and ideas behind OAuth 2.0 and OpenID Connect (OIDC), and how they can help to secure your apps and APIs.

We will also discuss why things are designed the way they are, how they should be deployed in a scalable fashion, and what it means to build an entire API platform that uses these standards. In the practical part of the workshop we’ll run end-to-end flows and attendees will gain the information needed to implement their OAuth and OpenID Connect based solutions.

Throughout the session, we encourage discussions and questions. For example: why should we, or should we not use the standards in certain ways. What can go wrong, and how does your organization gain the highest degree of reusability when deploying these mechanisms?

The discussion will include:

  • OAuth Flows and Actors
  • OpenID Connect
  • Token Formats
  • Token Handling
  • Securing an API

Why attend?
Attend this workshop to:

  • Learn how to use OAuth and OIDC to secure your APIs
  • Use Code Flow and PKCE in an OAuth client
  • Learn how to shape tokens for authorization decisions
  • Discover how OAuth enables a microservices and DevOps-oriented environment

Who should attend?
If you are a developer or an architect working with API development or front-end development such as apps or websites, then this workshop is for you. The workshop is relevant to anyone involved in making digital services secure and privacy-oriented.

Prerequisites
You don’t need any previous experience with the OAuth and OpenID Connect standards to attend.

Don’t forget to bring your laptop. You will need to be able to run Docker.

This session will be held at at our upcoming event:

Austin API Summit 2024

Register Learn More
Smarter Tech Decisions Using APIs

Smarter Tech Decisions Using APIs

API blog

High impact blog posts and eBooks on API business models, and tech advice

API conferences

Connect with market leading platform creators at our events

API community

Join a helpful community of API practitioners

API Insights Straight to Your Inbox!

Can't make it to the event? Signup to the Nordic APIs newsletter for quality content. High impact blog posts on API business models and tech advice.

Join Our Thriving Community

Become a part of our global community of API practitioners and enthusiasts. Share your insights on the blog, speak at an event or exhibit at our conferences and create new business relationships with decision makers and top influencers responsible for API solutions.