Oauth2 JWT Interview Questions and Answers | Grant types, Scope, Access Token, Claims | Code Decode
Вставка
- Опубліковано 8 лип 2024
- In this video of code decode we have explained oauth 2.0 and JWT along with Interview questions and answers
Udemy Course of Code Decode on Microservice k8s AWS CICD link:
openinapp.co/udemycourse
Course Description Video :
yt.openinapp.co/dmjvd
Checkout Next Level By Unacademy nxtlvl.in/dctw
What Is OAuth All about?
It’s an open standard Or A Protocol for authorization .
Security -
Authentication - Who u are?
Authorization - What do u want ?
OAuth 2 is an authorization framework that enables applications - such as Facebook, Twitter- to obtain limited access to user accounts on an HTTP service.
It works by delegating user authentication to the service that hosts a user account and authorizing third-party applications to access that user account.
OAuth 2 provides authorization flows and not the authentication.
There are two versions of OAuth: OAuth 1.0a and OAuth 2.0. These specifications are completely different from one another, and cannot be used together: there is no backwards compatibility between them. OAuth 2.0 is the most widely used form of OAuth
How Oauth 2.0 works?
The application requests authorization to access service resources from the user
If the user authorized the request, the application receives an authorization grant
The application requests an access token from the authorization server (API) by presenting authentication of its own identity, and the authorization grant
If the application identity is authenticated and the authorization grant is valid, the authorization server (API) issues an access token to the application. Authorization is complete.
The application requests the resource from the resource server (API) and presents the access token for authentication
If the access token is valid, the resource server (API) serves the resource to the application
It is designed primarily as a means of granting access to a set of resources, for example, remote APIs or user data.
What are Scopes and Tokens?
Scopes and tokens are how OAuth implements granular access controls.
Together they represent a “permission to do something.” The token is the “permission” part and the scope defines what the “do something” is.
Think of a movie ticket: the scope is the name of the movie you are authorized to watch and the ticket itself is the token, which only a theater employee can validate as authenticate. Also tokens have expiration date. Similar to movie time written on movies ticket.
Access token also have scope information
There are four types of scopes:
Read Access
Write Access
Read and Write Access
No Access
What are grants?
Application grant types (or flows) are methods through which applications can gain Access Tokens and by which you grant limited access to your resources to another entity without exposing credentials.
Taking an example of movie ticket booking. You can get access to movie tickets by 2 ways
Walkin to theater and purchase from window
book online
These are 2 grants or flows. The method you’ve chosen dictates what you will do to obtain the ticket.
Similar is Grant types - ways to obtain access token
Oauth2 provides following Grants -
Client Credentials - Used for non-interactive applications e.g., automated processes, microservices, etc. In this case, the application is authenticated per se by using its client id and secret
Authorization Code - The Authorization Code flow might be used by Single Page Apps (SPA) like Angular applications. In such SPA, the client secret cannot be stored securely, and so authentication, during the exchange, is limited to the use of client id alone
Most Asked Core Java Interview Questions and Answers: • Core Java frequently a...
Advance Java Interview Questions and Answers: • Advance Java Interview...
Java 8 Interview Questions and Answers: • Java 8 Interview Quest...
Hibernate Interview Questions and Answers:
• Hibernate Interview Qu...
Spring Boot Interview Questions and Answers:
• Advance Java Interview...
Angular Playlist: • Angular Course Introdu...
SQL Playlist: • SQL Interview Question...
GIT: • GIT
Subscriber and Follow Code Decode
Subscriber Code Decode: ua-cam.com/users/CodeDecode?...
LinkedIn : / codedecodeyoutube
Instagram: / codedecode25
#codedecode #intuit #tcs
We asked you delivered. Thats code decode for you all❤️💯
Thanks Arpit 🙂🙂🙏🙏
@@CodeDecode hello Ma'am, I have a question, is spring security and auth2 same, can we use anyone of these for the security of application, can I say spring security instead of auth2
Very good and clear explanation on OAuth. Keep up the good work and provide the next version of this with code.
Truly You are an soldier who is helping many candidates in cracking their tech interviews and what I am today is because of your videos only.. Heartily Thanks a lot for your efforts and help .. Take care of your health and keep rocking ✨
Thanks a lot Naveen for such a beautiful comment. It made my day🙂🙂. It's your hardwork n dedication to learn which uplifted you Man 👏👏. Great job 💯👍👍👍👍keep learning keep shining Man 🎉🎉
Thanks , Well explained and covered most of the okta and oauth2 parts in a single video 👏
Thanks Rahul 🙂
I am eagerly waiting for this series to complete, please keep up the good work 👍👍👍
Sure Mayuresh 👍👍
Awesome demonstration of such complex architectures, thank you Code decode *\/*
You're welcome
Thank you so much for sharing your knowledge. Your way of explanation is very clear, understandable and engaging. Every video you make is just awesome. You deserve a 1 million subscribers.👏👏👏👏👏👏
Thanks a ton😊😊❤️❤️
Great OAuth tutorial and explanation. Thank you.
Glad it was helpful!
Well explained again. Waiting for OKTa and jwt decoding from server side. Thank you for bringing super valuable session
Sure Raakesh 👍
Simply Awesome and mind blowing, great effort!!! Keep Rocking!!!
Thanks a lot🙂🙂
very good explaination and very helpful video for interview..... Thankyou mam
I would like to take this opportunity to thank you very much as your content has helped me a lot in getting job in one my dream company. You have explained the concepts in an excellent way. Keep up the good work all the best!!
😊😊 many many congratulations Swaruppal
Just awesome ❤ I really appreciate your explanation… 🙏🙏🙏 thanks
You're welcome
Thank you sis. No words to say 💕
Thanks 🙏🙂🙂🙂
Thank you so much for explaining, you are doing a great job.
Thanks for appreciating
Just awesome 🎉
Thanks mam for your continuous effort, your explanations are crystal clear and easy to understand. You are really a gem, thanks a ton ❤ God bless you all 🙏
Thanks 🙏👍👍
Thanks...very good explanation 👍👍💯
Thanks Jainam 👍👍
After Durga Mata and Kali Mata , you are the my Java Mata :).Thanks from bottom of my heart for the dedication you put in the explanation.
😂Thanks ❤️
That's very much in detail explanation. It would be helpful if you can explain and walk us through how to implement the coding part of it.
Sure Vishal 👍👍
Very Good Explanation Mam 🙌🏼
Thanks Vinod 🙂👍
muy buena explicacion
Thanks 🙂🙂
You are Awesome and great explanation and take care
Thanks
Bro u save lives🙇
😁😁
very satisfied
Thanks. Very good explanation 🙏. And please make code walkthrough for this topic
Sure Keerthi 🙂👍
Waiting for the day when u have a minimum 1M subscribers
😊😊 means a lot to us 🙏🙏
Great . It would be very beneficial if u make a small spring boot application with outh plz
Sure we will do that👍
Thank you for this wonderful vide, please create implementation video as well.
sure we will create it soon
Awesome explaination. Can you please make video on OIDC using spring boot
Sure 👍
it is very useful video.Pls do a video on spring boot with okta thanks
sure we will create it soon
Yes pls do
Sure Ganesh 👍
You are really great madam, 💖.
Thanks Sudheer 🙂🙂
I am always follow your site for interview questions and everything. Thanks is a very small word for your efforts madam.
Hope you land at your dream job Sudheer. Keep learning keep Rocking Man 👍👍🙂🙂
Thanks and great explanation ! Could you please spring security with Spring boot application with configuration with OKTA, Thank you.
Sure
Where does the client app or browser saves this jwt token
Please make part 3 complete videos on claims also 😊
Sure we will create it soon
Thanks. Please create code implementation video.
sure we will create it soon
Can you please make the implementation video for oauth2 whatever you discussed?
Yes implementation is very important
Sure Rahul. It's in pipeline 👍👍
So true 👍👍. Sure we will put video on that
Hi Mam,
Please implement Oauth 2 and JWT in spring boot application once because it's difficult to understand theory.
Thank you 😊
Do make video on OIDC
Sure Saumil 👍👍
OAuth1 is deprecated ,But why we moved to oAuth 2 ?, what is the difference between OAuth 1 and OAuth2 ?
Pls make next video with okta, oath2
sure we will create it soon
Please give the PDF link for the notes which you are referring to while teaching
Hey, I have referred multiple blogs sites .it's Not from one place. You can find every thing in description bar below 👍👍happy learning👍
Please post a code walkthrough for the same...we are waiting
Sure LakshmiPriya 👍🙂
🙏🙏👍
🙂🙂
Please Mam make a implementation video on oatuh2 and okta
Sure, we will try to incorporate your video in this week . 👍
Please create video for implementation
Sure Chandra we will create it soon
Please create video for oidc
Sure we will create a video on that soon 👍🙂
Please cover coding part for OAuth
Sure Anusha👍👍
Yes please cover coding part for okta for spring/spring boot project