Due to Corona I’ve been giving less (in-person) sessions lately… but luckily, by now virtual session have become A Thing I’m thus happy to announce that I’ll be giving a virtual session for the Bristol-based .NET SouthWest user group. The session is named “API Security with OAuth2 and OpenID Connect in Depth”, and this is what you can expect:
You probably know how to secure your API with access tokens, but did you know you can use reference tokens to improve security? The token exchange standard for delegated access? A custom grant for API to API access? And what about improving client authentication for those use cases where clientid & client secret don’t cut it anymore?
In this in-depth session, we’ll cover all of these topics, extensively using IdentityServer4 in the process. Note that some previous knowledge on OAuth2 and OpenID Connect is a must.