Learn OAuth 2.0 - Get started as an API Security Expert

Imagine what could happen to your professional career as a Web Developer if you had skills in OAuth and API Security!
4.3 (84 ratings) Instead of using a simple lifetime average, Udemy calculates a
course's star rating by considering a number of different factors
such as the number of ratings, the age of ratings, and the
likelihood of fraudulent ratings.
825 students enrolled
$95
Take This Course
  • Lectures 44
  • Contents Video: 3.5 hours
    Other: 7 mins
  • Skill Level All Levels
  • Languages English
  • Includes Lifetime access
    30 day money back guarantee!
    Available on iOS and Android
    Certificate of Completion
Wishlisted Wishlist

How taking a course works

Discover

Find online courses made by experts from around the world.

Learn

Take your courses with you and learn anywhere, anytime.

Master

Learn and practice real-world skills and achieve your goals.

About This Course

Published 7/2015 English

Course Description

Testimonials

This course is based on the bestselling book "OAuth 2.0: Getting Started in Web-API Security". Before I tell you what is presented in the course, just read, what the audience thinks about the book.

Excellent review of the underlying components of OAuth, and the methods of deploying and using it. Love the sequence diagrams. The explanations of the differences between the pattern use cases is most helpful.

***** 5 Stars by A. on April 22, 2015

Great Book: A clear explanation of OAuth and its authentication flows. It provided great descriptions of the OpenId Connect and SAML2 extensions.

***** 5 Stars by Donald E. L. on March 2, 2015

Brief explanation of OAuth but clear and straightforward.

***** 5 Stars by G. S. on February 12, 2015


Recent Updates

2016-07-06 Added Official IETF Specification Document for OAuth 2, RFC 6749

2015-07-30 Added Lecture on OAuth with Paypal

2015-07-28 Added Lecture on OAuth with Google and LinkedIn

2015-07-25 Added Lecture on OAuth with Facebook


This course is for you...

...if you want to improve your market value as a Software Engineer and Security Expert. Imagine what could happen to your professional career if you could add API Security and OAuth skills to your CV!

API Security experts and engineers who understand OAuth are in HIGH DEMAND, as companies expand their digital business. Plenty of opportunities are waiting for anyone who has the right skills.

Do you want to write best-selling iPhone and Android apps?

The most popular mobile apps integrate with popular social APIs of Google, LinkedIn, Facebook, Paypal and many more. If this is a well known fact, why do app developers not just do it?

Many app developers are afraid of complicated OAuth integrations. Security is in fact the biggest hurdle for most mobile app developers.

With the knowledge gained in this course you can use the secret of best app developers out there and finally integrate your app with social APIs.

Do you want to start out on your own, as an entrepreneur, consultant or freelancer?

Knowing API Security and OAuth allows you to realize the big vision of your company in the field of mobile apps, cloud apps and web APIs, such as Google, Paypal and LinkedIn.

Do you want to build exciting solutions with the next generation technology?

Whether you are a web developer, mobile developer or API developer, an architect or embedded developer for the Internet of Things, today you need to know OAuth to build state of the art solutions.

What does this course offer?

This course offers an introduction to API Security with OAuth 2.0. In 3 hours you will gain an overview of the capabilities of OAuth. You will learn the core concepts of OAuth. You will get to know all 4 OAuth flows that are used in cloud solutions and mobile apps.

If you have tried to read the official OAuth specification, you may get the impression that OAuth is complex. This course explains OAuth in simple terms. The four OAuth flows are visualized graphically using sequence diagrams. The diagrams are then animated so you get to know the interactions step by step and see the big picture of the various OAuth interactions. This high-level overview is complemented with rich set of example requests and responses and an explanation of the technical details.

Who should take this course?

You believe OAuth is complicated? OAuth may seem complex with flows and redirects going back and forth. This course will give you clarity by introducing the seemingly complicated material by many illustrations. These illustrations clearly show all the involved interaction parties and the messages they exchange.

You want to learn the OAuth concepts efficiently? This course uses many animated diagrams and sequence diagrams. A good diagram says more than 1000 words.

You want to use OAuth in your mobile app? If you want to access resources that are protected by OAuth, you need to get a token first, before you can access the resource. For this, you need to understand the OAuth flows and the dependencies between the steps of the flows.

You want to use OAuth to protect your APIs? OAuth is perfectly suited to protect your APIs. You can learn which OAuth endpoints need to be provided and which checks need to be made within the protected APIs.

What are the requirements?

  • You should be familiar with basic web service and API development
  • If you would like to use OAuth in a Mobile App, you should know how to develop for the respective platform. Mobile App Development is not covered in this course.

What am I going to get from this course?

  • Use OAuth to access Google, Paypal, LinkedIn and Facebook APIs
  • Use OAuth in Mobile Apps (client-side).
  • Use OAuth to protect your APIs and Cloud Solutions
  • Apply OAuth Best Practices.
  • Choose the correct OAuth Flow flow for your use-case.
  • Know the OAuth Terminology: Actors, Endpoints, Tokens.
  • Use OAuth in Cloud Solutions (client-side).

What is the target audience?

  • This course is for beginners in API Security and OAuth.
  • This course is not for you, if you already know the four basic OAuth flows and how they are used.

What you get with this course?

Not for you? No problem.
30 day money back guarantee.

Forever yours.
Lifetime access.

Learn on the go.
Desktop, iOS and Android.

Get rewarded.
Certificate of completion.

Curriculum

Section 1: Introduction
Welcome
Article
Introduction: Preview of the Course
Preview
01:31
Introduction: What is covered in this course?
02:49
Introduction: Practice Part
05:30
Section 2: OAuth Big Picture
Example: OAuth for Third Party Access
Preview
03:05
Example: The Password Antipattern
03:30
Example: The Solution provided by OAuth 2.0
04:33
The Password Anti-Pattern
04:47
OAuth 2.0 Solution
05:57
OAuth Basics
3 questions
References to more Information on OAuth 2.0
Article
Section 3: OAuth Components
Section Overview: OAuth Terminology
00:58
Overview of OAuth Actors
09:07
OAuth Actors in Detail
09:28
OAuth Endpoints
07:50
The Subway Ticket and the Token
Preview
01:14
Overview of OAuth Tokens and Credentials
07:58
OAuth Components
1 question
Section 4: OAuth Flows: Interactions between the OAuth Components
Example: Interaction of OAuth Components in an OAuth Flow
06:33
Overview of OAuth Flows
04:26
OAuth Flows
3 questions
Section 5: Authorization Code Flow
Usage Scenario and Features of this Flow
Preview
03:44
Authorization Code Flow: Authorization Endpoint
13:04
Authorization Code Flow: Token Endpoint and Resource Access
07:00
Section 6: Authorization Code Flow: Refresh Tokens
Usage Scenario and Features of the Refresh Flow
01:31
Authorization Code Flow: Refreshing Tokens
10:29
Section 7: Implicit Flow
Usage Scenarios and Features of the Implicit Flow
01:58
Section 8: Client Credentials Flow
Usage Scenarios and Features of the Client Credentials Flow
02:02
Section 9: Resource Owner Password Credentials Flow
Usage Scenarios and Features of the Resource Owner Password Credentials Flow
03:16
Section 10: Use OAuth to access Facebook
Intro to OAuth on Facebook
07:56
Hands On: OAuth Flow on Facebook
Preview
07:48
OAuth Worksheet for Facebook
Article
Section 11: Use OAuth to access LinkedIn
Intro to OAuth on LinkedIn
09:16
Hands On: Client Registration on LinkedIn
06:14
Hands On: OAuth Flow on LinkedIn
09:29
OAuth Worksheet for LinkedIn
Article
Section 12: Use OAuth to access GMail and other Google Products
Intro to OAuth on Google
09:58
Hands On: Client Registration on Google
08:09
Hands On: OAuth Flow on Google
11:32
OAuth Worksheet for Google
Article
Hands On: The Google OAuth Playground
05:04
Section 13: Use OAuth to access Paypal
Intro to OAuth on Paypal
05:26
Hands On: Client Registration and OAuth Flow on Paypal
10:43
OAuth Worksheet for Paypal
Article
Section 14: Conclusion
Thank you!
Article
Other Learning Resources
Article
Official IETF Specification Document for OAuth 2, RFC 6749
Article

Students Who Viewed This Course Also Viewed

  • Loading
  • Loading
  • Loading

Instructor Biography

Matthias Biehl, Teacher at the API-University

For 7 years Matthias has consulted large international and national companies on software architecture, software development processes and software integration. At some point he got a PhD. Nowadays, Matthias uses his background in software engineering to help companies bring innovative software solutions to the market.

Matthias enjoys sharing his knowledge and experience in the classroom, at in-person workshops, online courses or books. Matthias published several books on software architecture and regularly speaks at technology conferences.

Ready to start learning?
Take This Course