SlideShare a Scribd company logo

OAuth 2.0 #idit2012

Nov Matake, profile picture
Nov Matake

The document discusses OAuth 2.0 and OpenID Connect. It provides an overview of OAuth 2.0's authorization code and implicit grant flows for obtaining an access token to access a secured resource. It also mentions OAuth 2.0 is used for access control in APIs and enterprises. Additionally, it states OpenID Connect is based on and extends OAuth 2.0 to provide identity features. Finally, it suggests these protocols are important for applications, access control, identity, social media, clouds, and the growing API economy.

TechnologyBusiness
1 of 25
Downloaded 29 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
OAuth 2.0
@nov OpenID Foundation Japan Evangelist OAuth.jp Ruby Libraries rack-oauth2 openid_connect fb_graph ID&IT Management Conference 2012
ID&IT Management Conference 2012
Current Trend Mobile Game Social ID&IT Management Conference 2012
Platform ♥ 3rd-party Developers ID&IT Management Conference 2012
API Integration Access Control for APIs ID&IT Management Conference 2012
OAuth No password sharing Limited access lifetime Expire a'er N weeks Limited access scope Status Update : OK Read Inbox : NG ID&IT Management Conference 2012
OAuth 2.0 in Enterprize ID&IT Management Conference 2012
ID&IT Management Conference 2012
Authorization Server Authorize Client Access Access Token Resource Server Resource Owner API Client Access ID&IT Management Conference 2012
Authorization Server Authorize Client Access Access Token Resource Server Resource Owner API Client Access ID&IT Management Conference 2012
Authorization Server Authorize Client Access Access Token Resource Server Resource Owner API Client Access ID&IT Management Conference 2012
Get Access Token 2 Response Types in Core Code Token Extensions Code + Token and more.. ID&IT Management Conference 2012
response_type = code Resource Owner Client Authorization Server Initiate Require Approval Approve Code Code Access Token ID&IT Management Conference 2012
response_type = token Resource Owner Client Authorization Server Initiate Require Approval Approve Access Token ID&IT Management Conference 2012
Response Type Code Token Secure Efficient 2 HTTP request 1 HTTP request Require Approval Both at once Get Access Token + extensions ID&IT Management Conference 2012
♥ OpenID Connect ~ OpenID based on OAuth 2.0 ~ ID&IT Management Conference 2012
ID&IT Management Conference 2012
So, why these matters? ID&IT Management Conference 2012
Social ID&IT Management Conference 2012
Cloud ID&IT Management Conference 2012
API Economy ID&IT Management Conference 2012
Applications People Streams Access Control Identity Discovery ID&IT Management Conference 2012
デジタルアイデンティティ技術最新動向 - @IT ID&IT Management Conference 2012
twitter.com/nov slideshare.net/matake github.com/nov openid-foundation-japan.github.com ID&IT Management Conference 2012

More Related Content

PDF
OpenID Connect Explained
Vladimir Dzhuvinov
 
PDF
OAuth 2.0 and OpenID Connect
Jacob Combs
 
PDF
OAuth 2.0 & OpenID Connect @ OpenSource Conference 2011 Tokyo #osc11tk
Nov Matake
 
PDF
GHC18 Abstract - API Security, a Grail Quest
PaulaPaulSlides
 
PDF
OpenID Connect vs. OpenID 1 & 2
Mike Schwartz
 
PDF
Incorporating OAuth: How to integrate OAuth into your mobile app
Nordic APIs
 
PPTX
Why Assertion-based Access Token is preferred to Handle-based one?
Hitachi, Ltd. OSS Solution Center.
 
PDF
Launching a Successful and Secure API
Nordic APIs
 
OpenID Connect Explained
Vladimir Dzhuvinov
 
OAuth 2.0 and OpenID Connect
Jacob Combs
 
OAuth 2.0 & OpenID Connect @ OpenSource Conference 2011 Tokyo #osc11tk
Nov Matake
 
GHC18 Abstract - API Security, a Grail Quest
PaulaPaulSlides
 
OpenID Connect vs. OpenID 1 & 2
Mike Schwartz
 
Incorporating OAuth: How to integrate OAuth into your mobile app
Nordic APIs
 
Why Assertion-based Access Token is preferred to Handle-based one?
Hitachi, Ltd. OSS Solution Center.
 
Launching a Successful and Secure API
Nordic APIs
 

What's hot (18)

PDF
Single Sign On with OAuth and OpenID
Gasperi Jerome
 
PDF
OpenID Connect: The new standard for connecting to your Customers, Partners, ...
Salesforce Developers
 
PPTX
Smart Card Authentication
Dan Usher
 
PPTX
Enabling Web Apps For DoD Security via PKI/CAC Enablement (Forge.Mil case study)
Richard Bullington-McGuire
 
PPT
Understanding OpenID
Prabath Siriwardena
 
PDF
CIS14: Consolidating Authorization for API and Web SSO using OpenID Connect
CloudIDSummit
 
PDF
Authorization The Missing Piece of the Puzzle
Nordic APIs
 
PDF
Integrated social solutions, the power and pitfalls of mashups
Nordic APIs
 
PPTX
Securing online services by combining smart cards and web-based applications
Olivier Potonniée
 
PPTX
Mit 2014 introduction to open id connect and o-auth 2
Justin Richer
 
PDF
Authentication through Claims-Based Authentication
ijtsrd
 
PPTX
Internet of Things presentation
Deep Shah
 
PPTX
OpenID Connect: An Overview
Pat Patterson
 
PPTX
OpenID Connect and Single Sign-On for Beginners
Salesforce Developers
 
PPTX
Cloud Native Journey in Synchrony Financial
VMware Tanzu
 
PDF
Stateless Auth using OAUTH2 & JWT
Mobiliya
 
PDF
Auth experience - vol 1.0
Haggai Philip Zagury
 
PPTX
Identity Summit 2015: EnerNOC Case Study: The Transformation of IAM for EnerN...
ForgeRock
 
Single Sign On with OAuth and OpenID
Gasperi Jerome
 
OpenID Connect: The new standard for connecting to your Customers, Partners, ...
Salesforce Developers
 
Smart Card Authentication
Dan Usher
 
Enabling Web Apps For DoD Security via PKI/CAC Enablement (Forge.Mil case study)
Richard Bullington-McGuire
 
Understanding OpenID
Prabath Siriwardena
 
CIS14: Consolidating Authorization for API and Web SSO using OpenID Connect
CloudIDSummit
 
Authorization The Missing Piece of the Puzzle
Nordic APIs
 
Integrated social solutions, the power and pitfalls of mashups
Nordic APIs
 
Securing online services by combining smart cards and web-based applications
Olivier Potonniée
 
Mit 2014 introduction to open id connect and o-auth 2
Justin Richer
 
Authentication through Claims-Based Authentication
ijtsrd
 
Internet of Things presentation
Deep Shah
 
OpenID Connect: An Overview
Pat Patterson
 
OpenID Connect and Single Sign-On for Beginners
Salesforce Developers
 
Cloud Native Journey in Synchrony Financial
VMware Tanzu
 
Stateless Auth using OAUTH2 & JWT
Mobiliya
 
Auth experience - vol 1.0
Haggai Philip Zagury
 
Identity Summit 2015: EnerNOC Case Study: The Transformation of IAM for EnerN...
ForgeRock
 
Ad

Viewers also liked (9)

PDF
Whats wrong oauth_authn
Nov Matake
 
PDF
IIW 16th Report at #idcon
Nov Matake
 
PDF
OAuth認証再考からのOpenID Connect #devlove
Nov Matake
 
PDF
池澤あやかと学ぼう!: はじめてのOAuthとOpenID Connect - JICS 2014
Nov Matake
 
PDF
OPTiM StoreにおけるSCIM & OIDC活用事例 - ID&IT 2016
Nov Matake
 
PDF
API提供におけるOAuthの役割 #apijp
Tatsuo Kudo
 
PDF
OpenID Connect 101 @ OpenID TechNight vol.11
Nov Matake
 
PDF
デブサミ2017 【DevBooks】即売会サークル参加要項
Developers Summit
 
PDF
デブサミ2017 公募セッション募集要項
Developers Summit
 
Whats wrong oauth_authn
Nov Matake
 
IIW 16th Report at #idcon
Nov Matake
 
OAuth認証再考からのOpenID Connect #devlove
Nov Matake
 
池澤あやかと学ぼう!: はじめてのOAuthとOpenID Connect - JICS 2014
Nov Matake
 
OPTiM StoreにおけるSCIM & OIDC活用事例 - ID&IT 2016
Nov Matake
 
API提供におけるOAuthの役割 #apijp
Tatsuo Kudo
 
OpenID Connect 101 @ OpenID TechNight vol.11
Nov Matake
 
デブサミ2017 【DevBooks】即売会サークル参加要項
Developers Summit
 
デブサミ2017 公募セッション募集要項
Developers Summit
 
Ad

Similar to OAuth 2.0 #idit2012 (20)

PDF
OAuth 2.0 Updates #technight
Nov Matake
 
PDF
OAuth 2.0 Updates #technight in Osaka
Nov Matake
 
PDF
WSO2 Identity Server
Prabath Siriwardena
 
PPTX
Identity Management: Using OIDC to Empower the Next-Generation Apps
Tom Freestone
 
PPTX
Authentication Server
Abhishek Chikane
 
PDF
Hitachi ID Identity Manager: Faster onboarding, reliable deactivation and eff...
Hitachi ID Systems, Inc.
 
PDF
Open sso fisl9.0
Startup Cursos
 
PPTX
Leveraging Identity to Manage Change and Complexity
NetIQ
 
PPT
Oauth tutorial
乐费 胡
 
PPTX
Enterprise Access Control Patterns for REST and Web APIs Gluecon 2011, Franco...
CA API Management
 
PDF
New Trends in Web Security
Oliver Pfaff
 
PPTX
Enterprise Access Control Patterns for Rest and Web APIs
CA API Management
 
PDF
Open Source Identity Integration with OpenSSO
elliando dias
 
PDF
Enable Secure Mobile & Web Access to Microsoft SharePoint
CA API Management
 
PPTX
OAuth 2.0 and Mobile Devices: Is that a token in your phone in your pocket or...
Brian Campbell
 
PDF
OAuth in the Real World featuring Webshell
CA API Management
 
PPTX
OAuth 101 & Secure APIs 2012 Cloud Identity Summit
Brian Campbell
 
PPTX
Making Sense of API Access Control
CA API Management
 
PDF
Analyzing OAuth
Oliver Pfaff
 
PPT
Building an Effective Identity Management Strategy
NetIQ
 
OAuth 2.0 Updates #technight
Nov Matake
 
OAuth 2.0 Updates #technight in Osaka
Nov Matake
 
WSO2 Identity Server
Prabath Siriwardena
 
Identity Management: Using OIDC to Empower the Next-Generation Apps
Tom Freestone
 
Authentication Server
Abhishek Chikane
 
Hitachi ID Identity Manager: Faster onboarding, reliable deactivation and eff...
Hitachi ID Systems, Inc.
 
Open sso fisl9.0
Startup Cursos
 
Leveraging Identity to Manage Change and Complexity
NetIQ
 
Oauth tutorial
乐费 胡
 
Enterprise Access Control Patterns for REST and Web APIs Gluecon 2011, Franco...
CA API Management
 
New Trends in Web Security
Oliver Pfaff
 
Enterprise Access Control Patterns for Rest and Web APIs
CA API Management
 
Open Source Identity Integration with OpenSSO
elliando dias
 
Enable Secure Mobile & Web Access to Microsoft SharePoint
CA API Management
 
OAuth 2.0 and Mobile Devices: Is that a token in your phone in your pocket or...
Brian Campbell
 
OAuth in the Real World featuring Webshell
CA API Management
 
OAuth 101 & Secure APIs 2012 Cloud Identity Summit
Brian Campbell
 
Making Sense of API Access Control
CA API Management
 
Analyzing OAuth
Oliver Pfaff
 
Building an Effective Identity Management Strategy
NetIQ
 

More from Nov Matake (20)

PDF
#idcon vol.29 - #fidcon WebAuthn, Next Stage
Nov Matake
 
PDF
FedCM - OpenID TechNight vol.19
Nov Matake
 
PDF
Safari (ITP) & Chrome (SameSite=Lax as default) が Federation に与える影響 - OpenID ...
Nov Matake
 
PDF
Sign in with Apple
Nov Matake
 
PDF
FIDO @ LINE - #idcon vol.24
Nov Matake
 
PDF
W3C Web Authentication - #idcon vol.24
Nov Matake
 
PDF
NIST SP 800-63C - Federation and Assertions (FINAL)
Nov Matake
 
PDF
NIST SP 800-63C #idcon vol.22
Nov Matake
 
PDF
NIST SP 800-63-3 #idcon vol.22
Nov Matake
 
PDF
ID連携入門 (実習編) - Security Camp 2016
Nov Matake
 
PDF
ID連携概要 - OpenID TechNight vol.13
Nov Matake
 
PDF
ミスコンとプライバシー ~ IdentityDuck誕生秘話 ~ #idcon
Nov Matake
 
PDF
SAML / OpenID Connect / OAuth / SCIM 技術解説 - ID&IT 2014 #idit2014
Nov Matake
 
PDF
FIDO alliance #idcon vol.18
Nov Matake
 
PDF
ID & IT 2013 - OpenID Connect Hands-on
Nov Matake
 
PDF
JWT Translation #technight
Nov Matake
 
PDF
MIT-KIT Intro at #idcon sattelite
Nov Matake
 
PDF
Self isssued-idp
Nov Matake
 
PDF
Account Chooser #idit2012
Nov Matake
 
PPTX
諸外国の国民ID制度 #idcon 13th
Nov Matake
 
#idcon vol.29 - #fidcon WebAuthn, Next Stage
Nov Matake
 
FedCM - OpenID TechNight vol.19
Nov Matake
 
Safari (ITP) & Chrome (SameSite=Lax as default) が Federation に与える影響 - OpenID ...
Nov Matake
 
Sign in with Apple
Nov Matake
 
FIDO @ LINE - #idcon vol.24
Nov Matake
 
W3C Web Authentication - #idcon vol.24
Nov Matake
 
NIST SP 800-63C - Federation and Assertions (FINAL)
Nov Matake
 
NIST SP 800-63C #idcon vol.22
Nov Matake
 
NIST SP 800-63-3 #idcon vol.22
Nov Matake
 
ID連携入門 (実習編) - Security Camp 2016
Nov Matake
 
ID連携概要 - OpenID TechNight vol.13
Nov Matake
 
ミスコンとプライバシー ~ IdentityDuck誕生秘話 ~ #idcon
Nov Matake
 
SAML / OpenID Connect / OAuth / SCIM 技術解説 - ID&IT 2014 #idit2014
Nov Matake
 
FIDO alliance #idcon vol.18
Nov Matake
 
ID & IT 2013 - OpenID Connect Hands-on
Nov Matake
 
JWT Translation #technight
Nov Matake
 
MIT-KIT Intro at #idcon sattelite
Nov Matake
 
Self isssued-idp
Nov Matake
 
Account Chooser #idit2012
Nov Matake
 
諸外国の国民ID制度 #idcon 13th
Nov Matake
 

Recently uploaded (20)

PDF
Encapsulation_ Review paper, used for researhc scholars
gurumoop
 
PDF
cuic standard and advanced reporting.pdf
SimoneTitaniumTomase
 
PDF
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
PDF
Review of recent advances in non-invasive hemoglobin estimation
IAESIJAI
 
PDF
CIFDAQ's Market Insight: SEC Turns Pro Crypto
CIFDAQ
 
PPTX
Understanding_Digital_Forensics_Presentation.pptx
ImranKhan423233
 
PPTX
PA Analog/Digital System: The Backbone of Modern Surveillance and Communication
AVTRON Technologies LLC
 
PDF
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
 
PDF
Chapter 3 Spatial Domain Image Processing.pdf
Getnet Tigabie Askale -(GM)
 
PDF
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
PDF
Encapsulation theory and applications.pdf
gurumoop
 
PDF
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
SOFTTECHHUB
 
PDF
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
PDF
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
PDF
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
PPTX
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
PDF
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
PPT
Teaching material agriculture food technology
LiaRayya
 
PDF
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 
PDF
Reach Out and Touch Someone: Haptics and Empathic Computing
Mark Billinghurst
 
Encapsulation_ Review paper, used for researhc scholars
gurumoop
 
cuic standard and advanced reporting.pdf
SimoneTitaniumTomase
 
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
Review of recent advances in non-invasive hemoglobin estimation
IAESIJAI
 
CIFDAQ's Market Insight: SEC Turns Pro Crypto
CIFDAQ
 
Understanding_Digital_Forensics_Presentation.pptx
ImranKhan423233
 
PA Analog/Digital System: The Backbone of Modern Surveillance and Communication
AVTRON Technologies LLC
 
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
 
Chapter 3 Spatial Domain Image Processing.pdf
Getnet Tigabie Askale -(GM)
 
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
Encapsulation theory and applications.pdf
gurumoop
 
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
SOFTTECHHUB
 
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
Teaching material agriculture food technology
LiaRayya
 
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 
Reach Out and Touch Someone: Haptics and Empathic Computing
Mark Billinghurst
 

OAuth 2.0 #idit2012