Niko Köbler | keycloak-experte.de
Keycloak IAM & SSO

ABOUT ME
▸ Freelance Consultant/Architect/Developer/Trainer
▸ Doing stuff with & without Computers, Software, > 23 yrs
▸ Mr. Keycloak > 8 yrs (since 1.x)
▸ Co-Lead of JUG DA (https://www.jug-da.de / @JUG_DA)
▸ Author of „Serverless Computing in AWS Cloud“ serverlessbuch.de
▸ Web: www.n-k.de / Twitter: @dasniko
▸ YouTube: youtube.com/@dasniko
OAUTH2
AUTHORIZATION, NOT AUTHENTICATION!

IETF, RFC 6749, 2012
The OAuth 2.0 authorization framework enables a 3rd-party application to obtain limited access to an HTTP service.
OAUTH2 GRANT TYPES

GRANT TYPE                           APPS
Authorization Code                   Web, Apps
Implicit                             JavaScript, etc.
Resource Owner Password Credentials  Apps
Client Credentials                   Web
Refresh                              Web, Apps
OAUTH2 TERMS
Resource Owner · Client · Authorization Server · Resource Server · Redirect URI · Response Type · Scope · Consent · Client ID · Client Secret · Authorization Code · Access Token
OPEN ID CONNECT
AUTHENTICATION LAYER ON TOP OF OAUTH 2.0
‣ verify the identity of an end-user
‣ obtain basic profile information about the user
‣ RESTful HTTP API, using JSON as data format
‣ allows clients of all types (web-based, mobile, JavaScript)
OPENID FOUNDATION, 2014