24. OAuth 2.0: Explained with API Request and Response Sample | High Level System Design

preview_player
Показать описание
➡️ Notes link: Shared in the Member Community Post (If you are Member of this channel, then pls check the Member community post, i have shared the Notes link there)

➡️ Join this channel to get access to member only perks:
  1. Concept && Coding - by Shrayansh
  2. OAuth 2.0
  3. What is OAuth 2.0
  4. Oauth2
  5. OAuth2
  6. Open Authorization
Рекомендации по теме
24. OAuth 2.0: 0:35:24

24. OAuth 2.0: Explained with API Request and Response Sample | High Level System Design

OAuth 2.0 explained 0:10:03

OAuth 2.0 explained with examples

OAuth 2.0 Implementation 1:11:15

OAuth 2.0 Implementation with Spring Security and Spring Boot | Full Example

SSO: SAML vs 0:06:24

SSO: SAML vs OAUTH vs OIDC

#39 Spring Security 0:15:57

#39 Spring Security | Google and Github Login using OAuth2

How to OAuth 0:08:54

How to OAuth 2.0 Authorization with Postman | Generate Google Access Token in Postman | Step By Step

Auth0 in 100 0:08:24

Auth0 in 100 Seconds // And beyond with a Next.js Authentication Tutorial

Authorization Code Grant 0:04:25

Authorization Code Grant Flow Overview

Implementing OAuth 2.0 0:24:56

Implementing OAuth 2.0 from SCRATCH

CCS 2016 - 0:25:12

CCS 2016 - A Comprehensive Formal Security Analysis of OAuth 2 0

OAuth 2.0 Client 0:05:34

OAuth 2.0 Client Credentials Flow (in plain English)

MuleSoft | Mule 0:05:15

MuleSoft | Mule ESB 4 | Session 33 | Apply OAuth 2.0 Policy

How To Secure 0:30:33

How To Secure Applications Using OpenID Connect and OAuth 2.0

OAuth 2.0 - 0:08:49

OAuth 2.0 - PKCE

[Spring Security] Mastering 2:01:24

[Spring Security] Mastering JWT with OAuth2 and JPA for Secure User Authentication & Authorizati...

How To: This 0:17:29

How To: This Video Has 24 Views (pt1) | Configure Google Oauth2

How The UPS 0:25:42

How The UPS API Works oAuth2.0

OAuth PKCE | 0:09:39

OAuth PKCE | OAuth Proof Key for Code Exchange explained

Salesforce Inbound - 0:06:11

Salesforce Inbound - OAuth 2.0 Client Credentials Flow for Server-to-Server Integration

How to consume 0:06:57

How to consume APIs with OAuth2.0 scopes | Example with Google Services API

Oauth2 et OpenId-connect 0:43:48

Oauth2 et OpenId-connect mis à nu, on vous montre tout !

Oauth 2.0 Explanation 0:08:21

Oauth 2.0 Explanation with Example in Hindi | OAuth 2.0 with Practical Examples | Hindi Tutorial

Securing Your APIs 0:31:36

Securing Your APIs with OAuth 2.0 - API Days

POSTMAN API OAUTH2 0:01:00

POSTMAN API OAUTH2 CLIENTCREDENTIALS

Комментарии
Автор

you videos made LLD and HLD so simple for me !!

deepak-kuqq
Автор

Great. Thank you for the Clear and Simple Explanation

gowtham
Автор

Waiting for Spring Boot videos as covered all the topics of Java and LLD, currently going through HLD

shubhamrajput
Автор

Recently I bought your LLD course from Udemy .The effort is awesome but the thing is some video's are in Hindi its hard to understand since I am from south. Please make upcoming videos in English so that everyone can make use of it.Thanks shreyansh.

dhivyaviswanathan
Автор

For csrf, google could issue token only if the client that is requesting the token is matching with the client id that the code was given to

koteshwarraomaripudi
Автор

Hi Shrayansh, I think there is some mistake in the CSRF attack workflow here. When Insta sends request to the resource server with authorization_code (of the attacker), redirect_uri, id and secret the resource server after validation of the code sends the response with the requested data to the redirect_url (which is insta’s uri because this is what was present in the request) not the attacker. Just with the authorization code of the attacker, there is no way for the resource server to send the data to the attacker.

prateek
Автор

Hi Sir, great video! I have a question, all the sensitive information(client id, client secret, username, password) is sent via query parameters, how is security ensured so that these information is not stolen? Thanks in advance!

adityaallam
Автор

Eagerly Waiting for JWT video, as well as Spring boot implementation for O-AUTH as well as JWT from you.

DurgaShiva
Автор

When there is inter service communication, like Order service calls Delivery service, how OAuth is implemented? What would be resource owner, authentication server and all?
This video very well explains OAuth and helped me to understand OAuth . Thank you!

shubhamjumde
Автор

Hey Shreyansh,

Do you have any plan to create a video on fetching thread dump and analysing it for debugging purposes ?

Please reply if you see this. I have asked multiple things on different videos but unfortunately could not get reply to any.

gauravraj
Автор

Hello bhaiya. I have one query. Should i have to pay monthly if i join the membership.

sitikantapanigrahi
Автор

Hey shreyansh, how many videos are pending for the hld playlist?

khushgandhi
Автор

Hi Shreyansh In CSRF attack attacker can know my state value as it's passed in request param if he intercepts my request he will get access to it as well right?

ramprasadthakur
Автор

Hello Shreyansh,

Regarding the authorization & token request, video mentions to include the redirect URI in the query parameter. Typically, for each REST API POST call, we expect a response. Could you clarify whether the authorization code will be included in the REST API call response, or if it will be sent separately by the authorization server via a webhook call to the client's redirect URI? If it is indeed a webhook call, does the client also need to expose an endpoint to receive the authorization code? I'm curious about the industry standard in this context.

ShubhamRajput
Автор

Hey Shrayansh, posting 1 question related to LLD / HLD interview.
1. How are we supposed to create those block diagrams and demonstrate during interview? Asking as I can see interviewee is using some software in one of the mock interviews you took which might not be possible for others.
2. Also does it depend oncompany to company whether they will select an interviewee when he was unable to submit working code though was able to convey uml diagram?

gauravraj
Автор

eagerly waiting for the Springboot implementation !

kartikeyrana
Автор

Hello Shreyansh, I have been following since more than a year now, I have been binge watching your videos earlier even when I wasn't interviewing, a few months back I had some health issue and I had to take break from my work, now I am preparing for interviews and I am trying to watch your playlist, few videos are member only, and you also have a course on udemy, so my question is, Is your course on udemy and the playlist on youtube(with membership) any different or they both are same ? If not same what are the differences? Regards.

vikasrai
Автор

Nice video. 1 question. For /authorization api why we are using GET request ? What if Gmail want to create/update entry at their side to make sure who has asked for code/token then it should be POST request right ?

tejasshaha
Автор

Hi shreyansh,

Can you please suggest some books which u follow for learning these cool backend technology.

AbhishekKumar-kkqs
Автор

Can you cover use cases of each grant type

hnmdrvw