Find online courses made by experts from around the world.
Take your courses with you and learn anywhere, anytime.
Learn and practice real-world skills and achieve your goals.
This course is based on the bestselling book "OAuth 2.0: Getting Started in Web-API Security". Before I tell you what is presented in the course, just read, what the audience thinks about the book.
Excellent review of the underlying components of OAuth, and the methods of deploying and using it. Love the sequence diagrams. The explanations of the differences between the pattern use cases is most helpful.
***** 5 Stars by A. on April 22, 2015
Great Book: A clear explanation of OAuth and its authentication flows. It provided great descriptions of the OpenId Connect and SAML2 extensions.
***** 5 Stars by Donald E. L. on March 2, 2015
Brief explanation of OAuth but clear and straightforward.
***** 5 Stars by G. S. on February 12, 2015
2016-07-06 Added Official IETF Specification Document for OAuth 2, RFC 6749
2015-07-30 Added Lecture on OAuth with Paypal
2015-07-28 Added Lecture on OAuth with Google and LinkedIn
2015-07-25 Added Lecture on OAuth with Facebook
This course is for you...
...if you want to improve your market value as a Software Engineer and Security Expert. Imagine what could happen to your professional career if you could add API Security and OAuth skills to your CV!
API Security experts and engineers who understand OAuth are in HIGH DEMAND, as companies expand their digital business. Plenty of opportunities are waiting for anyone who has the right skills.
Do you want to write best-selling iPhone and Android apps?
The most popular mobile apps integrate with popular social APIs of Google, LinkedIn, Facebook, Paypal and many more. If this is a well known fact, why do app developers not just do it?
Many app developers are afraid of complicated OAuth integrations. Security is in fact the biggest hurdle for most mobile app developers.
With the knowledge gained in this course you can use the secret of best app developers out there and finally integrate your app with social APIs.
Do you want to start out on your own, as an entrepreneur, consultant or freelancer?
Knowing API Security and OAuth allows you to realize the big vision of your company in the field of mobile apps, cloud apps and web APIs, such as Google, Paypal and LinkedIn.
Do you want to build exciting solutions with the next generation technology?
Whether you are a web developer, mobile developer or API developer, an architect or embedded developer for the Internet of Things, today you need to know OAuth to build state of the art solutions.
What does this course offer?
This course offers an introduction to API Security with OAuth 2.0. In 3 hours you will gain an overview of the capabilities of OAuth. You will learn the core concepts of OAuth. You will get to know all 4 OAuth flows that are used in cloud solutions and mobile apps.
If you have tried to read the official OAuth specification, you may get the impression that OAuth is complex. This course explains OAuth in simple terms. The four OAuth flows are visualized graphically using sequence diagrams. The diagrams are then animated so you get to know the interactions step by step and see the big picture of the various OAuth interactions. This high-level overview is complemented with rich set of example requests and responses and an explanation of the technical details.
Who should take this course?
You believe OAuth is complicated? OAuth may seem complex with flows and redirects going back and forth. This course will give you clarity by introducing the seemingly complicated material by many illustrations. These illustrations clearly show all the involved interaction parties and the messages they exchange.
You want to learn the OAuth concepts efficiently? This course uses many animated diagrams and sequence diagrams. A good diagram says more than 1000 words.
You want to use OAuth in your mobile app? If you want to access resources that are protected by OAuth, you need to get a token first, before you can access the resource. For this, you need to understand the OAuth flows and the dependencies between the steps of the flows.
You want to use OAuth to protect your APIs? OAuth is perfectly suited to protect your APIs. You can learn which OAuth endpoints need to be provided and which checks need to be made within the protected APIs.
Not for you? No problem.
30 day money back guarantee.
Learn on the go.
Desktop, iOS and Android.
Certificate of completion.
|Section 1: Introduction|
Introduction: Preview of the CoursePreview
Introduction: What is covered in this course?
Introduction: Practice Part
|Section 2: OAuth Big Picture|
Example: OAuth for Third Party AccessPreview
Example: The Password Antipattern
Example: The Solution provided by OAuth 2.0
The Password Anti-Pattern
OAuth 2.0 Solution
References to more Information on OAuth 2.0
|Section 3: OAuth Components|
Section Overview: OAuth Terminology
Overview of OAuth Actors
OAuth Actors in Detail
The Subway Ticket and the TokenPreview
Overview of OAuth Tokens and Credentials
|Section 4: OAuth Flows: Interactions between the OAuth Components|
Example: Interaction of OAuth Components in an OAuth Flow
Overview of OAuth Flows
|Section 5: Authorization Code Flow|
Usage Scenario and Features of this FlowPreview
Authorization Code Flow: Authorization Endpoint
Authorization Code Flow: Token Endpoint and Resource Access
|Section 6: Authorization Code Flow: Refresh Tokens|
Usage Scenario and Features of the Refresh Flow
Authorization Code Flow: Refreshing Tokens
|Section 7: Implicit Flow|
Usage Scenarios and Features of the Implicit Flow
|Section 8: Client Credentials Flow|
Usage Scenarios and Features of the Client Credentials Flow
|Section 9: Resource Owner Password Credentials Flow|
Usage Scenarios and Features of the Resource Owner Password Credentials Flow
|Section 10: Use OAuth to access Facebook|
Intro to OAuth on Facebook
Hands On: OAuth Flow on FacebookPreview
OAuth Worksheet for Facebook
|Section 11: Use OAuth to access LinkedIn|
Intro to OAuth on LinkedIn
Hands On: Client Registration on LinkedIn
Hands On: OAuth Flow on LinkedIn
OAuth Worksheet for LinkedIn
|Section 12: Use OAuth to access GMail and other Google Products|
Intro to OAuth on Google
Hands On: Client Registration on Google
Hands On: OAuth Flow on Google
OAuth Worksheet for Google
Hands On: The Google OAuth Playground
|Section 13: Use OAuth to access Paypal|
Intro to OAuth on Paypal
Hands On: Client Registration and OAuth Flow on Paypal
OAuth Worksheet for Paypal
|Section 14: Conclusion|
Other Learning Resources
Official IETF Specification Document for OAuth 2, RFC 6749
For 7 years Matthias has done consulting work for large international and national companies on software architecture, software development processes and software integration. At some point he got a PhD. Nowadays, Matthias uses his background in software engineering to help companies bring innovative software solutions to the market.
Matthias enjoys sharing his knowledge and experience in the classroom, at in-person workshops, online courses or books. Matthias published several books on software architecture and regularly speaks at technology conferences.