

Episode 376: Justin Richer On API Security with OAuth 2
Aug 13, 2019
Chapters
Introduction
00:00 • 2min
OAuth 2 - What's the Difference?
02:09 • 5min
What Is OAuth and How Does It Work?
07:02 • 2min
Do You Really Need to Change Your Passwords?
08:33 • 2min
The Key Strengths of OAuth Token Based Models
10:17 • 2min
What's Going on in the Financial Industry?
12:04 • 3min
What's the Nature of Trust?
14:55 • 2min
What Is the OAuth 2 Dance?
16:31 • 4min
Photo Storage API Authentication
20:46 • 2min
How Does Dropbox Prove It's Legitimate?
22:53 • 3min
What's the Secret of a Client Application?
26:14 • 2min
Mobile Apps - What's the Difference?
28:04 • 3min
What's the Best Way to Deal With a Mobile Application?
30:57 • 3min
OAuth 2 - Dynamic Client Registration Protocol
33:31 • 2min
OAuth 2 - What Options Would You Have to Not Do?
35:37 • 3min
Slash Summer
38:32 • 1min
OpenID Connect and OAuth 2 - What's the Difference?
40:00 • 5min
Don't Re-Invent Wheels
45:28 • 2min
OAuth 2 Security - Is the Client a Dumb Carrier of It?
47:38 • 3min
RFC - The JWT Specification
50:48 • 2min
The Drawbacks of JWTs
52:41 • 3min
So You Could Sign a JWT With Base64 URL Encoded JSON?
55:32 • 2min
What's the Drawback of OAuth 2?
57:36 • 4min
I Just Got a Certificate, Is It Any Good?
01:02:06 • 2min
Using the Authorization Code Flow for JavaScript Applications
01:03:46 • 4min
OAuth 2 Client Credentials Grant Type
01:07:25 • 1min
Single Page Apps - One Lesson You Could Teach Every Developer
01:08:53 • 5min