
Aaron Parecki

  • OAuth 2.0 Simplified

    OAuth 2.0 Simplified is a guide to building an OAuth 2.0 server. Through high-level overviews, step-by-step instructions, and real-world examples, you will learn how to take advantage of the OAuth 2.0 framework while building a secure API.

    You can buy the paperback book on Lulu.com or Amazon now! Also available as an ePub or PDF.

    OAuth Course

    My video course The Nuts and Bolts of OAuth 2.0 is now available on Udemy! With over 3.5 hours of video content, interactive exercises, and access to a web-based tool that guides you through the exercises and gives you feedback along the way, you can join over 1500 other students who have already taken this course!

    OAuth Cheat Sheet

    I published a cheat sheet "OAuth Patterns and Anti-Patterns" available for free!

    The "OAuth Patterns and Anti-Patterns" Refcard covers a range of topics including:

    • Clear and concise definitions of common OAuth terminology
    • Tips for securing tokens in browser-based apps
    • How PKCE is a more secure OAuth flow
    • The difference between access tokens and ID tokens
    • Access token validation tips and techniques

    Specs

    I contribute to the OAuth specs, and co-authored OAuth 2.0 for Browser-Based Apps and OAuth 2.1.

    I also maintain oauth.net

    Videos

    OAuth: When Things Go Wrong

    Presented at the O'Reilly Software Architecture Conference

    Slides: speakerdeck.com/aaronpk/oauth-when-things-go-wrong

    OAuth Access Tokens Explained

    OAuth All the Things! What is OAuth 2.0?


    Other Mentions

    • bjoernkw.com

      At this year’s beyond tellerrand Düsseldorf, IndieWebCamp co-founder and OAuth consultant Aaron Parecki gave a talk about OAuth, why we need it, and how we can use it to simplify authentication and authorization in web applications:

      Aaron Parecki – Why Do We Really Need OAuth Anyway? – beyond tellerrand Düsseldorf 2021 from beyond tellerrand on Vimeo.

      Aaron also provides a guide to building an OAuth 2.0 server and a video course titled “The Nuts and Bolts of OAuth 2.0”.

      December 5, 2021 by Bjoern in Enterprise Software, Software, Web Applications
      Sun, Dec 5, 2021 7:03am -08:00

Hi, I'm Aaron Parecki, Director of Identity Standards at Okta, and co-founder of IndieWebCamp. I maintain oauth.net, write and consult about OAuth, and participate in the OAuth Working Group at the IETF. I also help people learn about video production and livestreaming.

I've been tracking my location since 2008 and I wrote 100 songs in 100 days. I've spoken at conferences around the world about owning your data, OAuth, quantified self, and explained why R is a vowel.

  • Director of Identity Standards at Okta
  • IndieWebCamp Founder
  • OAuth WG Editor
  • OpenID Board Member

© 1999-2025 by Aaron Parecki. Powered by p3k. This site supports Webmention.
Except where otherwise noted, text content on this site is licensed under a Creative Commons Attribution 3.0 License.