

In this tutorial, you’ll learn a couple of things. First you’ll learn about some key key terminologies used in OAuth. These are terms you will encounter in OAuth implementations, articles and pretty much anything to do with OAuth. And once you have learned that, you will understand how some of the important OAuth flows work in detail. OAuth has a lot of different variety of flows, but there are few key ones that you really should be knowing. Which you will by the end of this tutorial.
Java Brains website:
#JavaBrains #BrainBytes #WhatIs #OAuth #Java #Tutorial #Concept
source
Informative and useful!!!!
@Java Brains : One fundamental question I always think about.
Why would any service take the pain of maintaining the auth servers and making sure they follow the OAuth protocol ?
Do they get paid for every such call from a client ?
Thank you very much again for this clean explanation. I appreciate you very much.
Excellent video, can u make something on service to service auth using certificate
Thanks, very helpful video! A few questions on the third flow, Client Credentials:
1. You mention that micro service 2 has an authentication server. But in the terminology we only talked about an authorization server–is this indeed a different thing, or did you mean to say authorization and not authentication?
2. In the second step, after MS1 goes to the MS2 Auth server, it receives an access token for, you say, only the API calls that it should have access to. But how does the auth server know what MS1 should have access to? My guess here is that this is indeed an authentication server, and that the server is meant to know ahead of time who MS1 is and what kind of access it should have, and that this is what is meant by a super trustworthy client, but I'd like to confirm if this is correct.
Crystal clean concepts as always 🙂 Thanks Koushik!
In the flow 1 in step 3 Which protocol the Authorization Server uses to send the authentication request to the Resource owner ? How does it know where the Resource owner is and how to contact him?
Your style of explanation / teaching is really top-notch! Great work
please make a video explaining the movie Primer
Hello, Thank you for your great efforts,
could you please cover sso with active Directory and Apache server ?
Thanks Koushik for creating this video. Could you please explain how authorization code flow adds more security compared to Implicit flow.
Is it like when Resource owner gives his consent, the authorization server gives authorization token back, which goes to the client and then client sends a separate request from a server which is trusted on Authorization server side(using SSL/TLS) and then only authorization server grants the access token ?
Also, can you please create a video series on SAML and it's relation with OAuth.
Nice explaination, thanks
Hi @Koushik please Also look at ACL's here is the link to a blog, https://www.baeldung.com/spring-security-acl
Thanks a ton, do u have a Patreon account
Thanks Koushik. Got to learn more about OAuth in meaningful and useful way. Please keep teaching more.
Thanks Kauhik! Try to do a video on spring transaction management and how it works in side.
Love From Sri Lanka
Hi Kaushik. Thanks a lot for providing such great content. You are doing great service to the community.
Can you please release few videos on saml as well ? What is saml and how does it differ from oauth and how to implement it using spring boot .
I think authorization server sends access token to resource owner means browser and from there it redirects to client
Sir,in which company u work?
Where do you live in india or somewhere else sir? I saw you your live stream with telusko.
Amazing lesson JB once AGAIN..great stuff!!
BOSS is back..
Nice work. Thank you!
It makes sense now. Thanks!
Implement the oauth2 by authentication with different microservices.
Thanks Kaushik. Amazing video with the right set of analogies used at the right place. Kudos. 👍
Hi koushik, How to maintain the user login and logoff session with mobile app and web app connected to microservices. But with JWT it looks like it depends on JWT token expiration date, but how we can can maintain a sync with user log off session.
Thanks Kaushik , for amazing video.
Thanks Kaushik , was eagerly waiting for this video
Thumb up Kaushik 🙂 Thank you
Thank you so much Kaushik. Can you please create a video explaining how to get new JWT generated from Authorizing service(e.g Okta) from a Java program.
Thank you sir, could you please cover open id connect as well.
Awesome video, thanks !!
Can you also cover concept of challenge in OAuth, and how enterprise SSO works with OAuth.
Thank you so much
Sir
Thanks Kaushik , This series on OAuth2 is amazin
Please make a video on vert.x and Quakus