Mastering OAuth 2.0 and OpenID Connect

An intense deep-dive on the latest best practices

OAuth 2.0 and OpenID Connect are crucial for securing web applications, mobile applications, APIs, and microservices. Unfortunately, getting a good grip on the purpose and use cases for these technologies is insanely difficult. As a result, many implementations use incorrect configurations or contain security vulnerabilities.

Let me tell you how I felt when I started digging into OAuth 2.0 and OpenID Connect a few years ago. I had a hard time understanding what OAuth 2.0 and OpenID Connect were supposed to solve. The terminology made it difficult to understand what the spec was even talking about. And the flows! Each use case had a different flow, and the differences between the flows are often tiny details.

Do you recognize your struggle here? If you are feeling frustrated and overwhelmed with OAuth 2.0 and OpenID Connect, this course is going to help you. This course takes you on a step-by-step journey into the world of OAuth 2.0 and OpenID Connect. It explains the purpose of each technology, along with its use cases. In the course, we also dig deep into concrete scenarios, enabling you to design and implement secure applications with OAuth 2.0 and OpenID Connect.

In a matter of hours, you gain the knowledge that usually takes months of researching dozens of specifications. Throughout the course, we build up a set of best practices that allow you to secure modern applications.

I have worked with thousands of developers to help them understand the ins and outs of OAuth 2.0 and OpenID Connect. I have seen them struggle, but I have also seen them succeed. That's why I can promise you that by the end of this course, you will be confident in using OAuth 2.0 and OpenID Connect.

This course is your shortcut towards understanding OAuth 2.0 and OpenID Connect.

More information

There are many security experts but only a few have a talent for presentations and lectures.

I met Philippe as an outstanding expert and speaker at the SecAppDev conference he regularly organizes.

This is why I was looking forward to this course and invited other colleagues of mine to participate in this course as well.

And he delivered :) I can say that the course is one of the best courses I have ever attended! Although I already knew a lot of the content, Philippe enriched the course with interesting examples and recent news from the OAuth Working Group. Philippe managed to reduce the complexity to the essentials and to explain complicated sounding schemes like PKCE in a clear and understandable way, even for non-technical people.

Highly recommended for all developers or security people who want to get a clear understanding of OAuth and OIDC.

Profile picture Rocco Gränitz

Rocco Gränitz
Leading Application Security Architect at Generali