OAuth 2.0 Access Token vs. OpenID Connect ID Token

preview_player
Показать описание
OAuth 2.0 Access Token vs. OpenID Connect ID Token
  1. Identifire
  2. WSO2
  3. WSO2 Identity Server
  4. OpenID Connect
  5. OAuth 2.0
  6. OAuth
Рекомендации по теме
OAuth 2 Explained 0:04:32

OAuth 2 Explained In Simple Terms

ID Tokens VS 0:08:38

ID Tokens VS Access Tokens: What's the Difference?

OAuth 2.0 explained 0:10:03

OAuth 2.0 explained with examples

What is the 0:03:19

What is the difference between Access Tokens & Refresh Tokens? OAuth 2.0 & OIDC (OpenID Conn...

OAuth 2.0: An 0:06:34

OAuth 2.0: An Overview

OAuth Vs JWT 0:06:21

OAuth Vs JWT | What is the difference? | Tech Primers

oAuth for Beginners 0:10:43

oAuth for Beginners - How oauth authentication🔒 works ?

OAuth 2.0 access 0:03:07

OAuth 2.0 access tokens explained

An Illustrated Guide 0:16:36

An Illustrated Guide to OAuth and OpenID Connect

OAuth 2.0 - 0:09:16

OAuth 2.0 - a dead simple explanation

OAuth and OpenID 0:10:18

OAuth and OpenID Connect - Know the Difference

OAuth 2.0 Client 0:05:34

OAuth 2.0 Client Credentials Flow (in plain English)

What is OAuth? 0:00:41

What is OAuth?

Oauth2 JWT Interview 0:28:39

Oauth2 JWT Interview Questions and Answers | Grant types, Scope, Access Token, Claims | Code Decode

Why Refresh Token? 0:02:15

Why Refresh Token? - 2 min. OAuth #4

Everything You Ever 0:33:21

Everything You Ever Wanted to Know About OAuth and OIDC

Automatically Refresh OAuth2.0 0:03:31

Automatically Refresh OAuth2.0 Access Tokens | Postman Level Up

What is OAuth2? 0:19:56

What is OAuth2? How does OAuth2 work? | Naveen AutomationLabs

OAuth2 Part 2: 0:03:04

OAuth2 Part 2: Adding in Scopes

24. OAuth 2.0: 0:35:24

24. OAuth 2.0: Explained with API Request and Response Sample | High Level System Design

What is OAuth? 0:00:56

What is OAuth?

OAuth in 3…2…1 0:00:51

OAuth in 3…2…1 #javascript #python #web #coding #programming

What is OAuth 0:18:05

What is OAuth 2.0? - Implement OAuth2.0 in Pega as consumer

Exploring API Authentication 0:00:59

Exploring API Authentication Methods: From HTTP Basic to OAuth 2.0

Комментарии
Автор

Hi , The background sound could have been avoided though a good explanation

mysterygirl
Автор

You said that the auth server doesn't know about the resource which isn't technically true. Let's take the oauth 2 implicit flow, you can specify the aud and scopes that you want in the request. If the auth server has a consent framework, it will display the appropriate dialog and then return a token (jwt) with iss claim set to the auth server, aud set to the requested audience and scp set to the requested/consented scopes. When you pass this token to the resource server it should validate the iss, aud among other things. Then use the scp claims for authorization concerns. (I'm taking AzureAD as an example). The id_token is always a jwt (openid) but the access token can be opaque. For oauth 2 spec, AzureAD returns an access_token which is also a jwt you can use as a bearer token. The resource server doesn't need to call the auth server to validate the token in this scenario as it can just validate the jwt itself.

dasiths
Автор

Background music is disturbing...rest all good 👍

adityagtm
Автор

Thank u very much, sir. Very good explanation

matzumoto