Learn OAuth 20 Get started as an API Security Expert
What you’ll learn
Use OAuth to access Google, Paypal, LinkedIn and Facebook APIs
Use OAuth in Mobile Apps (client-side).
Use OAuth to protect your APIs and Cloud Solutions
Apply OAuth Best Practices.
Choose the correct OAuth Flow flow for your use-case.
Know the OAuth Terminology: Actors, Endpoints, Tokens.
Use OAuth in Cloud Solutions (client-side).
Requirements
You should be familiar with basic web service and API development
If you would like to use OAuth in a Mobile App, you should know how to develop for the respective platform. Mobile App Development is not covered in this course.
Description
Recent Updates2023-02-06 More than 17420 satisfied students2023-01-07 NEW Added 4 new videos on Proof Key for Code Exchange (PKCE)2023-01-06 More than 17240 satisfied students2023-01-06 Answered students’ questions in the Q&A2022-12-30 More than 17200 satisfied students2022-12-29 Answered 4 questions from my students in the Q&A2022-12-20 Answered 19 questions from my students in the Q&AThis course is for you……if you want to improve your market value as a Software Engineer and Security Expert. Imagine what could happen to your professional career if you could add API Security and OAuth skills to your CV! API Security experts and engineers who understand OAuth are in HIGH DEMAND, as companies expand their digital business. Plenty of opportunities are waiting for anyone who has the right skills.Do you want to write best-selling iPhone and Android apps?The most popular mobile apps integrate with popular social APIs of Google, LinkedIn, Facebook, Paypal, and many more. If this is a well-known fact, why do app developers not just do it? Many app developers are afraid of complicated OAuth integrations. Security is in fact the biggest hurdle for most mobile app developers. With the knowledge gained in this course, you can use the secret of the best app developers out there and finally integrate your app with social APIs.Do you want to start out on your own, as an entrepreneur, consultant, or freelancer? Knowing API Security and OAuth allows you to realize the big vision of your company in the field of mobile apps, cloud apps, and web APIs, such as Google, Paypal, and LinkedIn.Do you want to build exciting solutions with next-generation technology? Whether you are a web developer, mobile developer, or API developer, architect, or embedded developer for the Internet of Things, today you need to know OAuth to build state-of-the-art solutions.What does this course offer?This course offers an introduction to API Security with OAuth 2.0. In 3 hours you will gain an overview of the capabilities of OAuth. You will learn the core concepts of OAuth. You will get to know all 4 OAuth flows that are used in cloud solutions and mobile apps.If you have tried to read the official OAuth specification, you may get the impression that OAuth is complex. This course explains OAuth in simple terms. The four OAuth flows are visualized graphically using sequence diagrams. The diagrams are then animated so you get to know the interactions step by step and see the big picture of the various OAuth interactions. This high-level overview is complemented with a rich set of example requests and responses and an explanation of the technical details.Who should take this course?Do you believe OAuth is complicated? OAuth may seem complex with flows and redirects going back and forth. This course will give you clarity by introducing the seemingly complicated material by many illustrations. These illustrations clearly show all the involved interaction parties and the messages they exchange.Do you want to learn the OAuth concepts efficiently? This course uses many animated diagrams and sequence diagrams. A good diagram says more than 1000 words.Do you want to use OAuth in your mobile app? If you want to access resources that are protected by OAuth, you need to get a token first, before you can access the resource. For this, you need to understand the OAuth flows and the dependencies between the steps of the flows.Do you want to use OAuth to protect your APIs? OAuth is perfectly suited to protect your APIs. You can learn which OAuth endpoints need to be provided and which checks need to be made within the protected APIs.
Overview
Section 1: Introduction
Lecture 1 Welcome
Lecture 2 Introduction: Preview of the Course
Lecture 3 Introduction: What is covered in this course?
Lecture 4 Introduction: Practice Part
Section 2: OAuth Big Picture
Lecture 5 Example: OAuth for Third Party Access
Lecture 6 Example: The Password Antipattern
Lecture 7 Example: The Solution provided by OAuth 2.0
Lecture 8 The Password Anti-Pattern
Lecture 9 OAuth 2.0 Solution
Lecture 10 References to more Information on OAuth 2.0
Section 3: OAuth Components
Lecture 11 Section Overview: OAuth Terminology
Lecture 12 Overview of OAuth Actors
Lecture 13 OAuth Actors in Detail
Lecture 14 OAuth Endpoints
Lecture 15 The Subway Ticket and the Token
Lecture 16 Overview of OAuth Tokens and Credentials
Section 4: OAuth Flows: Interactions between the OAuth Components
Lecture 17 Example: Interaction of OAuth Components in an OAuth Flow
Lecture 18 Overview of OAuth Flows
Section 5: Authorization Code Flow
Lecture 19 Usage Scenario and Features of this Flow
Lecture 20 Authorization Code Flow: Authorization Endpoint
Lecture 21 Authorization Code Flow: Token Endpoint and Resource Access
Section 6: Authorization Code Flow: Refresh Tokens
Lecture 22 Usage Scenario and Features of the Refresh Flow
Lecture 23 Authorization Code Flow: Refreshing Tokens
Section 7: Implicit Flow
Lecture 24 Usage Scenarios and Features of the Implicit Flow
Section 8: Client Credentials Flow
Lecture 25 Usage Scenarios and Features of the Client Credentials Flow
Section 9: Resource Owner Password Credentials Flow
Lecture 26 Usage Scenarios and Features of the Resource Owner Password Credentials Flow
Section 10: Proof Key for Code Exchange (PKCE)
Lecture 27 What is Proof Key for Code Exchange (PKCE)
Lecture 28 How the attack works – Part 1
Lecture 29 How the attack works – Part 2
Lecture 30 How PKCE prevents the attack
Section 11: OAuth vs OpenID Connect
Lecture 31 OAuth vs OpenID Connect
Section 12: Use OAuth to access Facebook
Lecture 32 Hands On: OAuth Flow on Facebook
Lecture 33 OAuth Worksheet for Facebook
Section 13: Use OAuth to access LinkedIn APIs
Lecture 34 OAuth on LinkedIn
Lecture 35 OAuth Worksheet for LinkedIn
Section 14: Use OAuth to access GMail and other Google Products
Lecture 36 Intro to OAuth on Google
Lecture 37 Hands On: Client Registration on Google
Lecture 38 Hands On: OAuth Flow on Google
Lecture 39 OAuth Worksheet for Google
Lecture 40 Hands On: The Google OAuth Playground
Section 15: Use OAuth to access Paypal
Lecture 41 Intro to OAuth on Paypal
Lecture 42 Hands On: Client Registration and OAuth Flow on Paypal
Lecture 43 OAuth Worksheet for Paypal
Section 16: FAQ: OAuth on Mobile
Lecture 44 OAuth for Android and iOS
Lecture 45 Redirect URL on Ionic
Section 17: Final Mission
Lecture 46 Your Final Mission
Section 18: Conclusion
Lecture 47 Thank you!
Lecture 48 Career Tip: Show what you have learned! Publish your Certificate!
Lecture 49 Get a Better Job
Lecture 50 Book OAuth 2.0: Getting Started in API Security
Lecture 51 Book OpenID Connect – End-user Identity for Apps and APIs
Lecture 52 Other Learning Resources
Lecture 53 Official IETF Specification Document for OAuth 2, RFC 6749
This course is for beginners in API Security and OAuth.,This course is not for you, if you already know the four basic OAuth flows and how they are used.
Course Information:
Udemy | English | 4h 28m | 1.95 GB
Created by: Matthias Biehl
You Can See More Courses in the Developer >> Greetings from CourseDown.com