Anders Björk, Lars-Åke Strand
Designed to fit roles such as IT management, operations, strategy, architects, sourcing partners and application developers looking to expand their knowledge about delegated access and identity.
Basic knowledge in IT, network and web technology
Do you have a larger group of attendees from your organization? Would you like us to carry out the master class at your site, in swedish or english?
Please contact PhenixID for a price offer for an on-site master class.
Delegated access and identity (OAuth and OpenID Connect)
Delegated access was introduced when the need of exchanging user-owned data between different applications, such as social media services, increased in the early 2000's.
OAuth is a common standard for delegated access which has been driven by the increased need of data sharing between different applications.
The OAuth standard was designed to keep user integrity and to maintain high security when sharing data between applications.
The last version of OAuth, called OpenID Connect, introduces a standard flow for external user authentication which can be used to to gain a number of different benefits such as single sign-on, password-less authentication, a single userID to remember and a single point to apply corporate security policies.
The OpenID Connect standard is applicable for web and non-web applications, such as a mobile app or a rich client.
The training schedule contains both theoretical and practical parts to understand how the standards work and how data flows. The practical parts include understanding, testing and debugging OAuth and OpenID Connect flows.
OAuth and OpenID Connect overview
- The OAuth Standard
- The OpenID Connect Standard
- When and where to use the standards
- Common pitfalls