Protect your API with OAuth2

Rob Allen

Saturday 8 April 2017 from 11:50 to 12:40

Talk in English - UK at PHP Yorkshire 2017
View Slides: https://akrabat.com/wp-content/uploads/2017-04-08-PHPYorkshire-Slim-OAuth2.pdf
Short URL: https://joind.in/talk/ce818 (QR-Code (opens in new window))

Avg. Rating

OAuth 2 is the gold standard for authentication in APIs and in this talk we’ll take a deep dive into how it works and how to implement an OAuth 2 server in your API. There are a number of work flows in OAuth 2 for different scenarios including mobile apps and websites connecting via JavaScript, so I will discuss each one and show you how to implement it. We’ll also look how to use JWT which can provide performance improvements. By the end, you’ll be well equipped to add OAuth2 to your API.

Comments

Comments are closed.

Ishani Vardhan at 13:54 on 8 Apr 2017

Quite good overview with some detailed insights for those who are unaware of oAuth2 API !

Mark Railton at 13:55 on 8 Apr 2017

Brilliant overview of how to use oauth2 and also where you can make some speed optimisations and also some pitfalls to avoid.

David Carr at 14:13 on 8 Apr 2017

Really useful and to the point the code example I found clear can't wait to try and use oauth in my next api

Simon R Jones at 14:47 on 8 Apr 2017

Great overview of OAuth2 and using it in PHP. Never realised how flexible it is!

Benjamin Wells Kerenza at 18:23 on 8 Apr 2017

Good coverage and some helpful suggestions on codebases and practices to look at. A little bit tutorial based but well presented.

Elliot Ward at 09:17 on 9 Apr 2017

As the abstract promised, by the end I felt well equipped to work with OAuth2, a personal first! Pacing was great for a technical topic, starting with simple focussed examples and slowly building complexity. The only point where I was lost was understanding why you can switch to in memory storage when using JWTs rather than standard tokens, but by question time my brain had caught up, so possibly there is room to expand on that explanation when the concept is introduced. Maybe you did and I missed it!

Dave Liddament at 15:04 on 9 Apr 2017

A clear introduction to OAuth 2. Well worth watching for those who want a good introduction to the topic.

Pete Samways at 09:37 on 11 Apr 2017

A very clear explanation of a topic that has great relevance for me at present

Sean Nessworthy at 09:52 on 11 Apr 2017

Solid talk, concepts were demonstrated and communicated clearly.

Rich Sage at 08:43 on 21 Apr 2017

Having used OAuth 2 a few times but always having to look up what each component/area does, this talk was great for just stripping it back to the basics and making it really clear how the process works and the various components that make up an OAuth 2 authentication process. Demystified what can be a tricky concept to grasp.