OAuth2 and OIDC demystified: with hands-on using Keycloak
OAuth2 and OIDC demystified: with hands-on using Keycloak, Designed for Understanding OAuth2/OIDC: When to Use Flows and How They Work Using Low-Level HTTP Requests.
Course Description
Welcome to “OAuth2 and OIDC Demystified”. This course is designed to equip you with a deep understanding of the core concepts and essential details needed to effectively use OAuth2 and OIDC in real-world scenarios. It is intentionally short and to the point, since I value your time. You can always re-watch some parts if you find them harder to understand, and I recommend you to do that.
What You’ll Learn:
- Core Concepts and Terminology: Fundamental components of OAuth2 and OIDC, including roles, tokens and scopes. Understanding these basics will serve as the foundation for everything you do with OAuth2 and OIDC.
- Authorization Flows: Learn the different OAuth2 flows: Authorization Code (PKCE), Client Credentials, Device Code, Refresh Token, Implicit and Password. Discover when and why you should use each one, depending on your application’s needs and security requirements.
- Low-Level OAuth2: Test OAuth2 flows using raw HTTP requests. By understanding how OAuth2 flows work on low-level (instead of using libraries), you’ll be better prepared to troubleshoot issues and ensure secure communication.
This course is intended for developers, architects, and IT professionals who are looking to deepen their knowledge of OAuth2 and OIDC. Whether you are integrating third-party authentication providers, securing APIs, or simply wanting to understand the technology better, this course has something for you.
You should have a basic understanding of HTTP protocol and some experience in software development is desirable.
This is NOT a course on how to use and configure Keycloak or any other identity provider, and this is NOT a course on how to use authentication libraries. The main goal is to understand OAuth2 protocol, how it works and how to use it.
By the end of this course, you will have a strong grasp of OAuth2 and OIDC and be confident in choosing the right authorization flows.
Join us on this journey to demystify OAuth2 and OIDC and take your authentication skills to the next level!