From the course: Web Security: OAuth and OpenID Connect
OAuth extensions - OAuth Tutorial
OAuth extensions
- [Narrator] Now that we've toured OAuth and numerous extensions, let's ask a fundamental question that I hear all the time. Do you support OAuth? Hopefully, after making it this far in the course, you see that's a nuanced question that has massive complexity behind it. Most of the time, if somebody asks that, they don't necessarily mean just a core OAuth specification. More likely they mean some combination of specifications that matches their particular use case. How do I know that? Remember, the OAuth framework doesn't even define using JWTs as tokens. That's an extension itself. So let's put the pieces together to make a more clear picture. First, we have the core OAuth 2.0 framework, or RFC 6749, which purposely leaves many things undefined. Now, to pass data around effectively and easily, let's add RFC 7519 to make sure that our access tokens are JWTs or jot tokens, but now that we're passing tokens around, we…