Covering OAuth 2.0, OpenID, PKCE, deprecated flows, JWTs, API Gateways, and scopes, Course

March 30, 2024 | seedling, permanent

Udemy Course

ref

Analogy

  • OAuth2 access token: the hotel key card.
  • Authorization Server: the front desk. It checks ID and issues (mints) the key card. Everything behind the API Gateway is a resource server.
  • Resource Server: the hotel room.

Roles

  • User: resource owner
  • The API: resource server
  • Application (SPA or mobile app accessing the API data): OAuth client
  • The device: user agent

PKCE

