Developer Workshop Part 1: Introduction to OAuth and OpenID Connect

This introduction session sets the stage for why OAuth is important and what problem it solves. We’ll clear up the confusion between OAuth and OpenID Connect and cut through the jargon. You’ll learn some background on why OAuth was created, why handling passwords directly is dangerous, and the difference between authorization and authentication. We’ll introduce the different roles involved in the OAuth flows, and cover the basics of the Authorization Code flow with PKCE.

Agenda

• Background: What is OAuth? What does it solve?
• Authorization vs Authentication
• Using access tokens
• Grant Types and Use Cases
• Who logged in? - Intro to OpenID Connect

Next session: Building an OAuth Application and API