OpenID Connect & JWT: Identity as a Service for your Apps
What you'll learn
- Use OpenID Connect - simple and convenient signup for your users, higher conversion and more sales for you
- Build Social Login Screens (e.g. Login with your Google Account)
- Validate OpenID Connect Tokens - ensure users are who they say they are - cryptographically.
- Understand how OpenID Connect works - no more confusion about tokens, endpoints, interactions
- Apply OpenID Connect correctly - our step-by-step guide will make it as easy as possible for you.
- Select the appropriate OpenID Connect flow for your app - so you profit from OpenID Connect to the max!
- Helpful to know OAuth, but not required
- Helpful to know basic web development
2020-04-04 More than 500 satisfied students
2020-04-04 Answered 2 questions of my students in the Q&A
Learn OpenID Connect to get higher signups & conversion for your apps!
Login with Google, Facebook, LinkedIn - all successful apps do it, so should you
Do you want to know how OpenID Connect works?
Exploring how OpenID Connect works in detail is the subject of this course. We take a bottom-up approach and first study all the elements (actors, endpoints, and tokens) of OpenID Connect. This puts us in an excellent position for the second step: to understand the various OpenID Connect Flows - how the actors, endpoints, and tokens are put together to transmit identity claims securely.
Do you wonder why there are several OpenID Connect Flows?
Whether we use OpenID Connect from a mobile app, a script in a browser or from a secure backend server, there is an appropriate OpenID Connect Flow with the right tradeoffs in security, functionality, and convenience for each of these scenarios. This course helps you to choose the right one.
Do you think that these OpenID Connect Flows are confusing?
You are not alone; the OpenID Connect Flows tend to get confusing. However, with this course, we make it clear and easy to understand: We visualize these flows and show how to choose the flow that is appropriate for a given scenario. A picture says more than a 1000 words - that is why we explain the OpenID Connect Flows using easy to understand sequence diagrams.
Do you want to understand how JWT works?
This course explains what a JSON Web Token (JWT) is, how it is used in OpenID Connect, how it is constructed, what data it contains, how to read it, and how to protect its contents.
Do you wonder why there are so many tokens in OpenID Connect and how to use them?
There are JWT, JWS, JWE, access tokens, refresh tokens, identity tokens, and authorization codes. This book helps you to make sense of them all. Using examples, we explore how the tokens are used, constructed, signed, and encrypted.
Why is OpenID Connect so popular?
If used in the right way, OpenID Connect is powerful, and everyone loves it:
End-users don't need to signup and remember a new password
Business owners enjoy high conversion rates
Developers don't get any grey hair over securely storing credentials.
Do you want to increase the conversion rate of your app?
Signup and login to a new app become so smooth and convenient that end-users are much more likely to try a new app. It is supported, e.g. by Google, Yahoo, or Microsoft.
This course is for you...
...if you want to improve your market value as a Software Engineer and Security Expert. Imagine what could happen to your professional career if you could add OpenID Connect, API Security and OAuth skills to your CV!
API Security experts and engineers who understand OpenID Connect are in HIGH DEMAND, as companies expand their digital business. Plenty of opportunities are waiting for anyone who has the right skills.
Do you want to write best-selling iPhone and Android apps?
The most popular mobile apps integrate with popular social APIs of Google, LinkedIn, Facebook, Paypal and many more. If this is a well-known fact, why do app developers not just do it?
Many app developers are afraid of complicated OpenID Connect integrations. Identity, Login, and Signup are in fact the biggest hurdle for most mobile app developers.
With the knowledge gained in this course, you can use the secret of best app developers out there and finally integrate your app with social APIs.
Do you want to start out on your own, as an entrepreneur, consultant or freelancer?
Knowing API Security, OAuth, and OpenID Connect allows you to realize the big vision of your company in the field of mobile apps, cloud apps and web APIs, such as Google, Paypal, and LinkedIn.
Do you want to build exciting solutions with next-generation technology?
Whether you are a web developer, mobile developer or API developer, an architect or embedded developer for the Internet of Things, today you need to know OpenID Connect to build state of the art solutions.
What does this course offer?
This course offers an introduction to API Security with OpenID Connect. In 7 hours you will gain an overview of the capabilities of OpenID Connect and OAuth. You will learn the core concepts of OpenID Connect. You will get to know all 3 OpenID Connect flows that are used in cloud solutions and mobile apps.
This course explains OpenID Connect in simple terms. The three OpenID Connect flows are visualized graphically using sequence diagrams. The diagrams are then animated so you get to know the interactions step by step and see the big picture of the various OpenID Connect interactions. This high-level overview is complemented with a rich set of example requests and responses and an explanation of the technical details.
Who should take this course?
Do you believe OpenID Connect is complicated? OpenID Connect may seem complex with flows and redirects going back and forth. This course will give you clarity by introducing the seemingly complicated material by many illustrations. These illustrations clearly show all the involved interaction parties and the messages they exchange.
Do you want to learn the OpenID Connect concepts efficiently? This course uses many animated diagrams and sequence diagrams. A good diagram says more than 1000 words.
Do you want to use OpenID Connect in your mobile app? If you want to access resources that are protected by OAuth, you need to get a token first, before you can access the resource. For this, you need to understand the OAuth flows and the dependencies between the steps of the flows.
Who this course is for:
- You should take this course if you need to develop a login screen for your Web App or Mobile App
- If you are a security professional, you need to understand OpenID Connect, since you need to be up to date and will need to assess the security of applications using OpenID Connect
- If you are an entrepreneur, you should know the benefits of social login (e.g. login with your Google Account)
I am a techie at heart with a background in APIs, AI, security and software engineering. At some point, I got a Ph.D.
I use my technical background to help companies define their digital strategy, execute their transformation agendas, and bring innovations to the market.
I love sharing my knowledge in the classroom, at workshops, and in my books. I am an instructor at the API-University, publish a blog on APIs, am the author of several books on APIs, and regularly speak at technology conferences.
My goal as an instructor is to create comprehensive step-by-step courses that break down the complex details into small, digestible pieces. I like to build the kind of material that I myself would have loved to have when I was starting out.