Brilliant. There are just talks or there is a presentation driven by someone who has the vast intention and willingness to transfer knowledge. That's what we have here. Thanks Philippe.
Finally an outstanding presentation that also explain the resource server perspective. Without doubt the best Oauth-2 presentation so far I have found on youtube.
In these diagrams, using the Twitter example, would "client" always refer to Buffer's back and and "resource server" always refer to Twitter's back end?
Small but important detail 41:16 he says there are only 3 flows but in reality OpenID Connect supports all OAuth 2.0 grant types including ROPC Grant and Client Credentials Grant.
Too bad he doesn't say anything about the Authorization Code Grant with Proof Key For Code Exchange (PKCE) flow because that is now the recommended flow for public clients instead of the implicit flow. And yes this was recommended before 2018.
Brilliant. There are just talks or there is a presentation driven by someone who has the vast intention and willingness to transfer knowledge. That's what we have here. Thanks Philippe.
The best talk about OAuth and OIDC ever watched
Thank you. First talk in two weeks that has explained oidc
Man, I am glad that thing finally makes sense to me
Thank you.
By far the best session on OAuth2.0 available on youtube.
Finally an outstanding presentation that also explain the resource server perspective. Without doubt the best Oauth-2 presentation so far I have found on youtube.
A consolidated session. Thanks a lot Philippe and GOTO!
Thank you Philippe De Ryck for this excellent presentation!
This is a really clear explanation!
I like this guy, he explain very well.
The best on the topic ! Philipe rocks !
Endpoint should be /token instead of /auth at 17:26
Really nice explanation on OIDC flow and what to do with the ID token
Awesome explanation thanks Philippe
that's a very great explanation, man. thanks a lot.
Very good explanation. Thanks you.
Perfect presentation.
Outstanding presentation, thank you for sharing!
In these diagrams, using the Twitter example, would "client" always refer to Buffer's back and and "resource server" always refer to Twitter's back end?
Small but important detail 41:16 he says there are only 3 flows but in reality OpenID Connect supports all OAuth 2.0 grant types including ROPC Grant and Client Credentials Grant.
I love GOTO; Intro
Thanks
wonderful talk
Very good presentation!
Really well explained. Thank you!
very well presented, thanks!
beautiful
very well explained
Very good!
very helpful. thank you.
Excelent...
Can you give me that What is Client at 14 : 25 ?? Follow me it can Server API ?
Slides link pls
Hi there, thanks for your comment. If available the slides are linked in the video description. Here you go:
gotober.com/2018/sessions/653
Too bad he doesn't say anything about the Authorization Code Grant with Proof Key For Code Exchange (PKCE) flow because that is now the recommended flow for public clients instead of the implicit flow. And yes this was recommended before 2018.
Philippe De Ryck