Introduction to Identity
A whirlwind tour of identity history, concepts, and terminology: protocols, open standards, SSO, OAuth2, OpenID Connect and more.
Was this video helpful?
Jump to Section
Jump to a section in the video for explanation on a specific topic.
- What is the problem with identity?
- What can Auth0 do for you?
- Identity, protocols and open standards
- Specs most relevant for our work at Auth0
- Introducing the history part of the presentation
- User passwords in every app
- Directories
- Cross domain SSO
- Shadow accounts
- Kerberos
- SAML
- Middleware
- Trust
- Security token
- Digital signature
- Claims
- Representing a session with a cookie
- The password sharing anti-pattern
- Delegated authorization: OAuth2
- Authorization server
- OAuth2 is NOT an authentication protocol
- Consent
- Authorization code
- Client registration, client secret
- Access token, scope
- Layering sign in on top of OAuth2: OpenID Connect
- Auth0: an intermediary keeping complexity at bay
Up Next
-
14:58
OpenID Connect and OAuth2
OpenID Connect and OAuth specifications, roles, and grants.
-
34:56
Web Sign-In
Authentication for web applications using OpenID Connect.
-
53:12
Calling an API
How to obtain and use access and refresh tokens for delegated authorization in a traditional web application.
-
41:01
Desktop and Mobile Apps
Authentication and delegated authorization for desktop and mobile applications and a public client overview.
-
37:29
Single Page Apps
Authentication and delegated authorization for single page applications.