In this 4 part online course you will get a comprehensive understanding of OpenID Connect. You will learn about important aspects of OpenID Connect such as: what are ID tokens and how to validate them, how to properly manage sessions and different ways of enabling stronger authentication methods.
Register to receive each new lesson directly to your inbox and watch from the comfort of your chair, at a time that suits you.
Each session is approximately 30 minutes long.
The first session of the four part course highlights the differences between the OpenID Connect and OAuth specifications. You’ll learn about new flows introduced in OpenID Connect and some new concepts, like the metadata endpoint and the nonce parameter.
In the second part, we will dive deep into claims and ID tokens. You will learn about standard claims introduced in OpenID Connect, their relation to scopes and to the UserInfo endpoint. You’ll also learn how the JWKS endpoint is used in the ID token verification process.
In part three we focus on authentication, specifically the techniques used in OpenID Connect to assess levels of authentication. We also show ways of increasing the level of security in OAuth and OpenID Connect flows through usage of signed requests objects and validation of responses with the help of an ID token.
In the fourth and final session in the series we’ll explain the details of the OpenID Logout specifications. We will demonstrate how they can used to Single Logout, and keeping the sessions in sync across applications.