OpenID Connect & OAuth 2.0 – Security Best Practices - Dominick Baier - NDC Oslo 2020

Since its publication in RFC 6749 and RFC 6750, OAuth 2.0 has gained massive traction in the market and become the standard for API protection and the foundation of OpenID Connect. In the meantime, the protocols have been attacked through known implementation weaknesses and anti-patterns, technology has changed, and their usage has expanded to use cases and higher-security environments than originally considered and anticipated. That is why the IETF has published a number of so-called “Best Current Practices” (BCPs), which update the original specs and threat models and give more prescriptive guidance. This talk gives an overview of those BCPs and picks out a couple of the topics for more in-depth discussion.
