Overview
The course teaches how to use OAuth 2.0 to secure access to APIs, enabling applications to access data without handling user credentials. It covers using JWT access tokens, designing scopes for granular access, and implementing OAuth in a microservices architecture. It also discusses the tradeoffs of access tokens, self-encoded tokens, and token validation. The intended audience is developers, particularly those working with APIs and microservices architectures.
Syllabus
Intro
OAuth vs OAuth Exchange
OAuth for First Party Apps
How OAuth Works
Authorization Code Flow
Example
Auth Flow
PKCE
OAuth Worm
Access Tokens
Drawbacks of Access Tokens
Self-Encoded Tokens
JSON Web Token
Is That Enough?
Token Validation Example
Token Validation Flexibility
Taught by
Okta