Oauth2 JWT Interview Questions and Answers | Grant types, Scope, Access Token, Claims | Code Decode

In this Code Decode video we explain OAuth 2.0 and JWT, along with interview questions and answers.

What is OAuth all about?
It is an open standard, or protocol, for authorization.
Security has two parts:
Authentication - Who are you?
Authorization - What do you want?

OAuth 2 is an authorization framework that enables applications, such as Facebook and Twitter, to obtain limited access to user accounts on an HTTP service.

It works by delegating user authentication to the service that hosts a user account and authorizing third-party applications to access that user account.

OAuth 2 provides authorization flows, not authentication.

There are two versions of OAuth: OAuth 1.0a and OAuth 2.0. These specifications are completely different from one another and cannot be used together: there is no backwards compatibility between them. OAuth 2.0 is the most widely used form of OAuth.

How does OAuth 2.0 work?
1. The application requests authorization to access service resources from the user.

2. If the user authorizes the request, the application receives an authorization grant.

3. The application requests an access token from the authorization server (API) by presenting authentication of its own identity, and the authorization grant.

4. If the application identity is authenticated and the authorization grant is valid, the authorization server (API) issues an access token to the application. Authorization is complete.

5. The application requests the resource from the resource server (API) and presents the access token for authentication.

6. If the access token is valid, the resource server (API) serves the resource to the application.

OAuth 2.0 is designed primarily as a means of granting access to a set of resources, for example remote APIs or user data.
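
The flow described above can be traced in a small in-memory model. This is an added example, not code from the video; the client `photo-app`, its secret, the user `alice` and all function names are hypothetical, and the authorization server and resource server share one process for brevity.

```python
import secrets
import time

# Constructed sample data: these dictionaries are hypothetical in-memory
# stand-ins for the authorization server's client, grant and token stores.
CLIENTS = {"photo-app": "s3cr3t-constructed"}
CODES = {}    # authorization grant -> (client_id, user, scope, expiry)
TOKENS = {}   # access token -> (user, scope, expiry)


def authorize(client_id, user, scope, user_approves):
    """The user approves the request and the app receives an authorization grant."""
    if client_id not in CLIENTS or not user_approves:
        return None
    code = secrets.token_urlsafe(16)
    CODES[code] = (client_id, user, scope, time.time() + 60)
    return code


def exchange(client_id, client_secret, code):
    """Authenticate the application, validate the grant, issue an access token."""
    expected = CLIENTS.get(client_id)
    if expected is None or not secrets.compare_digest(expected, client_secret):
        return None
    grant = CODES.pop(code, None)   # single use: a replayed grant is rejected
    if grant is None:
        return None
    owner, user, scope, expiry = grant
    if owner != client_id or time.time() > expiry:
        return None
    token = secrets.token_urlsafe(24)
    TOKENS[token] = (user, scope, time.time() + 300)
    return token


def get_resource(token, needed_scope):
    """The resource server serves only valid, unexpired, sufficiently scoped tokens."""
    entry = TOKENS.get(token)
    if entry is None or time.time() > entry[2]:
        return None
    user, scope, _ = entry
    return f"{user}'s photos" if needed_scope in scope.split() else None


def demo():
    code = authorize("photo-app", "alice", "read", user_approves=True)
    token = exchange("photo-app", "s3cr3t-constructed", code)
    replay = exchange("photo-app", "s3cr3t-constructed", code)
    return get_resource(token, "read"), get_resource(token, "write"), replay
```

`demo()` shows the read request succeeding, the write request being refused for lack of scope, and the second use of the same grant being rejected.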

What are Scopes and Tokens?
Scopes and tokens are how OAuth implements granular access controls.

Together they represent a “permission to do something.” The token is the “permission” part and the scope defines what the “do something” is.

Think of a movie ticket: the scope is the name of the movie you are authorized to watch, and the ticket itself is the token, which only a theater employee can validate as authentic. Tokens also have an expiration date, similar to the show time printed on a movie ticket.

Access tokens also carry scope information.
There are four types of scopes:

Read Access
Write Access
Read and Write Access
No Access
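
As an added example (not from the video), here is how a resource server could check the "ticket": a JWT access token whose signature, `exp` expiry and `scope` claim are all verified before access is granted. The HS256 key, claim values and function names are constructed for illustration, and carrying scopes as a space-separated `scope` claim is an assumption.

```python
import base64
import hashlib
import hmac
import json

KEY = b"constructed-demo-key"  # constructed shared secret for this example only


def b64url(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=")


def unb64url(data):
    return base64.urlsafe_b64decode(data + b"=" * (-len(data) % 4))


def issue(claims):
    """Authorization server: build a compact HS256 JWT (header.payload.signature)."""
    header = b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    signing_input = header + b"." + b64url(json.dumps(claims).encode())
    sig = hmac.new(KEY, signing_input, hashlib.sha256).digest()
    return (signing_input + b"." + b64url(sig)).decode()


def check(token, needed_scope, now):
    """Resource server: return the subject only if the token is authentic,
    unexpired and carries the needed scope; otherwise return None."""
    try:
        header, payload, sig = token.encode().split(b".")
        if json.loads(unb64url(header)).get("alg") != "HS256":
            return None                  # pin the algorithm, never trust the header
        expected = hmac.new(KEY, header + b"." + payload, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, unb64url(sig)):
            return None                  # forged or altered token
        claims = json.loads(unb64url(payload))
        if now >= claims["exp"]:
            return None                  # expired, like yesterday's ticket
        if needed_scope not in claims["scope"].split():
            return None                  # valid token, wrong permission
        return claims["sub"]
    except (ValueError, KeyError, AttributeError, TypeError):
        return None                      # malformed token or missing claim


def sample_token():
    # Constructed claims: "read" scope only, expiring at Unix time 2000.
    return issue({"sub": "alice", "scope": "read", "exp": 2000})
```

The signature is checked before any claim is read, so a token whose payload was edited to add a scope fails even though its `exp` and `scope` values look acceptable.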

What are grants?
Application grant types (or flows) are methods through which applications can gain Access Tokens and by which you grant limited access to your resources to another entity without exposing credentials.

Take the example of movie ticket booking. You can get a movie ticket in 2 ways:

Walk in to the theater and purchase from the window
Book online

These are 2 grants, or flows. The method you choose dictates what you will do to obtain the ticket.

Grant types are similar: they are ways to obtain an access token.

OAuth2 provides the following grants:

Client Credentials - Used for non-interactive applications, e.g. automated processes, microservices, etc. In this case, the application is authenticated per se by using its client id and secret.

Authorization Code - The Authorization Code flow might be used by Single Page Apps (SPA) like Angular applications. In such SPAs, the client secret cannot be stored securely, and so authentication, during the exchange, is limited to the use of client id alone.

Comments

We asked, you delivered. That's Code Decode for you all ❤️💯

arpitsik

Very good and clear explanation on OAuth. Keep up the good work and provide the next version of this with code.

Priyakarthick

Truly you are a soldier who is helping many candidates in cracking their tech interviews, and what I am today is because of your videos only. Heartily, thanks a lot for your efforts and help. Take care of your health and keep rocking ✨

lifeistooshort-alwaysbehappy

I am eagerly waiting for this series to complete, please keep up the good work 👍👍👍

mayureshkumbhar

Thanks, well explained and covered most of the Okta and OAuth2 parts in a single video 👏

rahulshukla

Awesome demonstration of such complex architectures, thank you Code decode *\/*

chandrachurdafadar

Thank you so much for sharing your knowledge. Your way of explanation is very clear, understandable and engaging. Every video you make is just awesome. You deserve 1 million subscribers. 👏👏👏👏👏👏

emmanuelgeorge

Well explained again. Waiting for Okta and JWT decoding from server side. Thank you for bringing a super valuable session.

rakeshkachhadiya

I would like to take this opportunity to thank you very much, as your content has helped me a lot in getting a job in one of my dream companies. You have explained the concepts in an excellent way. Keep up the good work, all the best!!

swaruppal

Simply Awesome and mind blowing, great effort!!! Keep Rocking!!!

SenthilRajaM-sert

Great OAuth tutorial and explanation. Thank you.

samsonrj

Just awesome ❤ I really appreciate your explanation… 🙏🙏🙏 thanks

DiegoFernandoRuizS

Very good explanation and very helpful video for Thank you mam

KamleshKumar-rjre

Thank you so much for explaining, you are doing a great job.

aliraza

That's very much in detail explanation. It would be helpful if you can explain and walk us through how to implement the coding part of it.

vishaldhamde

Thanks mam for your continuous effort, your explanations are crystal clear and easy to understand. You are really a gem, thanks a ton ❤ God bless you all 🙏

codeloverAthu

After Durga Mata and Kali Mata, you are my Java Mata :). Thanks from the bottom of my heart for the dedication you put in the explanation.

Amarsri

Yes please implement the auth 2.0 and okta through coding

SapkalRohit

Thanks. Very good explanation 🙏. And please make code walkthrough for this topic

bharukeerthi

You are Awesome and great explanation and take care

arjun