OAuth 2.0 Simplified is a guide to building an OAuth 2.0 server. Through high-level overviews, step-by-step instructions, and real-world examples, you will learn how to take advantage of the OAuth 2.0 framework while building a secure API.
My video course, The Nuts and Bolts of OAuth 2.0, is now available on Udemy! It includes over 3.5 hours of video content, interactive exercises, and access to a web-based tool that guides you through the exercises and gives you feedback along the way. Join over 1500 other students who have already taken this course!
OAuth Cheat Sheet
I published a cheat sheet, "OAuth Patterns and Anti-Patterns", available for free!
The "OAuth Patterns and Anti-Patterns" Refcard covers a range of topics including:
- Clear and concise definitions of common OAuth terminology
- Tips for securing tokens in browser-based apps
- How PKCE is a more secure OAuth flow
- The difference between access tokens and ID tokens
- Access token validation tips and techniques
I also maintain oauth.net
OAuth: When Things Go Wrong
Presented at the O'Reilly Software Architecture Conference
OAuth Access Tokens Explained
OAuth All the Things! What is OAuth 2.0?
I'd be happy to come to your meetup and give a talk on OAuth! Fill out the form below if you're interested in having me come give a talk! If I can accept your request, Okta will sponsor drinks for your meetup, and I'll bring a few copies of my book to give away as well.