Web API Security | Basic Auth, OAuth, OpenID Connect, Scopes and Refresh Tokens

Web API Security | Basic Auth, OAuth, OpenID Connect, Scopes and Refresh Tokens

HomeAmbient CoderWeb API Security | Basic Auth, OAuth, OpenID Connect, Scopes and Refresh Tokens
Ambient Coder Available on Youtube Published 4 years ago
Web API Security | Basic Auth, OAuth, OpenID Connect, Scopes and Refresh Tokens
ChannelPublish DateThumbnail & View CountDownload Video
Channel AvatarPublish Date not found Thumbnail
0 Views
View on YouTube Download Video
Securing a web API takes a lot of effort. In this video, I explain why the industry has decided to move away from basic authentication and adopt OAuth 2.0 as the new standard for securing web APIs.

This video also explains how OpenID Connect together with OAuth solves both authentication and authorization.

Scopes and deciding how to use scopes in OAuth are tricky. I also provide some tips for making these decisions. Finally, I talk about refresh tokens and how they help with dealing with token expiration.

#WebAPIDesign #OAuth #OpenIDConnect

Web API Design Series – Episode 1 – https://www.youtube.com/watch?v=hkXzsB8D_mo&t=4s
Web API Design Series – Episode 2 – https://www.youtube.com/watch?v=6RvlKYgRFYQ&t=1s

Timecodes
0:00 – Introduction
2:06 – Basic authentication
5:05 – OAuth
10:16 – OpenID Connect
11:23 – Riflescopes
13:55 – Refresh token

Please take the opportunity to connect with your friends and family and share this video with them if you find it useful.