OAuth 2.0 & OpenID Connect (Part 5) - OIDC Introduction
This post gives an introduction to OpenID Connect and the concept of identity federation.…
OAuth 2.0 & OpenID Connect (Part 4) - Device Authorization Flow
This article gives an overview of the steps involved in the device authorization flow, which can be used by input constraint devices (clients) like smart TVs.…
OAuth 2.0 & OpenID Connect - Terminology
This article covers the terminology required to understand the OAuth 2.0 & OpenID Connect flows…
OAuth 2.0 & OpenID Connect (Part 3) - Client Credentials Flow
This article gives an overview of the steps involved in the client credentials flow which is commonly used for server-to-server interactions.…
OAuth 2.0 & OpenID Connect (Part 2) - Authorization Code Flow + PKCE
This post talks about the authorization code flow - probably the most common OAuth 2.0 flow type. And also about the PKCE extension, which can be seen as the successor of the implicit grant flow.…
OAuth 2.0 & OpenID Connect (Part 1) - An introduction
OAuth 2.0 & OpenID Connect does have a reputation of being complex. In this series of posts I am documenting my own endevaours to understand this protocol in more depth…