From the course: Web Security: OAuth and OpenID Connect


OAuth recommended practices

- [Instructor] Now that we've talked about OAuth 2.0 in numerous contexts, use cases, and in technologies throughout this course, let's go into a handful of patterns and practices that are pretty consistent, regardless of what your choices are. Please note that the rest of this video is a set of recommendations that should be treated as a baseline that generally works in most situations. There are a few requirements here, but not many. The most important aspect is that these recommendations should inform the questions you ask during planning and implementation. Actually, I'll take that back and give you one hard requirement. Your communications between components must be secure. Use a recent version of SSL or TLS and use a trusted certificate authority. Now, let's look at the components you have to consider. We have the Client Application or device, potentially an API gateway, the OAuth authorization server, and the…
