OAuth 2.0: Getting Started in API Security (API-University Series Book 1)
Not Available / Digital Item
OAuth 2.0: Getting Started in API Security (API-University Series Book 1)
You want to understand OAuth but have no time to read long books? This book offers a technically sound introduction to API security with OAuth 2.0 and OpenID Connect. In less than 100 pages. In simple terms, concise and to the point.
What will I learn? You will learn the core concepts of OAuth. You will get to know all four OAuth flows that are used in cloud solutions and mobile apps.
You believe OAuth is complicated? If you have tried to read the official OAuth specification, you may get the impression that OAuth is complex. OAuth may seem complex with flows and redirects going back and forth. This book will give you clarity by introducing the seemingly complicated material by many illustrations. These illustrations clearly show all the involved interaction parties and the messages they exchange.
You like to see concepts visualized? In this book, he various OAuth flows are visualized graphically using sequence diagrams. The diagrams allow you to see the big picture of the various OAuth interactions. This high-level overview is complemented with rich set of example requests and responses and an explanation of the technical details.
You want to learn the OAuth concepts efficiently? This book uses many illustrations and sequence diagrams. A good diagram says more than 1000 words.
You want to learn the difference between OAuth and OpenID Connect? You wonder when the two concepts are used, what they have in common and what is different between them. This book will help you answer this question.
You want to use OAuth in your mobile app? If you want to access resources that are protected by OAuth, you need to get a token first, before you can access the resource. For this, you need to understand the OAuth flows and the dependencies between the steps of the flows.
You want to use OAuth to protect your APIs? OAuth is perfectly suited to protect your APIs. You can learn which OAuth endpoints need to be provided and which checks need to be made within the protected APIs.
How is this book structured? In the book, the challenges and benefits of OAuth are presented, followed by an explanation of the technical concepts of OAuth. The technical concepts include the actors, endpoints, tokens and the four OAuth flows. Each flow is described in detail, including the use cases for each flow. Extensions of OAuth are presented, such as OpenID Connect and the SAML2 Bearer Profile.