What's going on with the OAuth 2.0 Implicit flow?

Aaron Parecki and Nate Barbettini discuss the recent developments from the OAuth Working Group's recommendations around the Implicit Flow.

Links mentioned in the video:

BOOK: OAuth 2.0 Simplified

BLOG: Is the OAuth 2.0 Implicit Flow Dead? (With sample code!)

VIDEO: OAuth: When Things Go Wrong

IMPLICIT FLOW:

Comments

I really like how a lot of the potential questions were anticipated, asked and also answered here. I really respect your work here!

hemanth.alluri

Implicit flow was required as we didn’t have CORS back then. But how come applications were able to call resource servers at that time? Or did the resource server and client app usually have the same domain?

Dhruv-ncxo

So far I have read many articles about OAuth2 and the difference between Implicit and AuthCode flow, but this video owned all of them! Great job guys, thanks for it, keep it up!

dmoka

I am currently working on a solution for a system that will involve OAuth2 and I can't thank you enough for this video and the one about OAuth and OIDC in plain English. Very great conversation between a Product person and a dev that I will be doing something similar to. Thank you thank you thank you!

LMasniuk

This made the differences between the security level of the flows and the reasons behind them much clearer for me, also cleared up the reasons why it was not one before on some environments, great video!

YoavRaman

The interviewer did the first and best presentation; he is well versed in the technical bit.

sahngcobo

Aaron has a very unique way of explaining hard concepts simply, great job by Okta team!

omarjarkas

These guys have a way to explain complicated things in a very understandable way. Thanks!

ssougnez

I'm really glad I watched this video. Thank you for uploading!

pwerinside

Very informative and well presented, thank you! It annoys me to no end that we basically solved this problem with SSL client certificates a long time ago and we keep wasting time on this, but this is kinda beside the point...

FedericoDiDio-sr

this is such a great explanation haha. honestly the interviewer questions were 100% spot on

alanrice

That's so useful! So many things I explained I was wondering about and trying to find answers for!

smokelessboy

10 points for basic clarity as to how and why.

adamglass

This answered a lot of my questions! Thank you.

tvh

Really nice discussion, I can tell a lot of thought went into both the question and answer. Thank you!

Omikoshi

Great video that reveals a lot of my confusion. Thanks!

khanhtranduy

This was surprisingly too good. Thank you so much! 😎

NoTalentGuy

Very helpful. Thanks for posting this!

bennorthrop

Finally a good explanation about this. I have been searching the internet for days; this whole OAuth2 protocol is the most confusing thing I have ever had to learn. Had no idea what the problem was with just sending a token in the URL. But if it is not implicit, just make the POST directly to get the access token?

starbuck

Great video. All the right questions asked. Thank you!

wiggerlywoo