SlideShare a Scribd company logo

OAuth2 simplified

Download as PPTX, PDF
Vanjikumaran Sivajothy, profile picture
Vanjikumaran Sivajothy

The document explains OAuth 2.0 by using the analogy of a hotel room key card to represent access tokens, which grant users access to specific resources after authentication. It highlights the importance of security, noting that tokens must be protected, as they can be shared or lost but can be revoked or reissued. The document provides links for further reading on OAuth 2.0.

Internet
1 of 25
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
OAuth 2.0 Simplified
Presented By Vanjikumaran Image is in this Slides are taken from the internet and the base concept taken on [1] [1] https://www.tbray.org/ongoing/When/201x/2013/05/24/Access-Token-Hotel-Key
On the way to Vacation!
And they found the HOTEL
HOTEL has RESOURCES
Security!!
Security!!!!!!!
Security!!!!!!!!!!!!!!!!!!!!!!!
Formal Request to HOTEL
VANJI’s Identity Card
HOTEL TOKEN
Finally Vanji got Access 2 * @ HOTEL
VANJI has access to RESOURCES
VANJI has access to room
Brid view Idea!
OAuth 2 Access Token ● An OAuth 2 access token is like a hotel- room key card. It gives access, all by itself without further checking, to a particular resource! ● It’s issued to a particular person, who has to be authenticated first (like by showing my driver’s license at the check-in.)
OAuth 2 Access Token ● Nothing on the outside tells you who it’s been issued to or what it’s for! ● It’s issued to a particular person, who has to be authenticated first (like by showing my driver’s license at the check-in.)
But!! 2 friends of him next to him!
TOM borrowed the HOTEL CARD
TOM has access to RESOURCES
TOM has access to VANJIs room
OAuth 2 Access Token ● It’s not encrypted, so you have to take care of it (if a bad guy got it and knew what it was for, he could get into my hotel room and rob me blind.) Check. ● You can give it to someone else and have them access the resource for you!
REVOKE HOTEL TOKEN!!!!!!!
OAuth 2 Access Token ● If you lose it, you can go back to the issuer and get another one which is functionally identical. ● It expires after a while.
READ MORE on OAuth 2.0 ● http://oauth.net/2/ ● http://tools.ietf.org/html/rfc6749

More Related Content

PDF
OAuth 2.0 (as a comic strip)
Brent Shaffer
 
PDF
OAuth2 - The Swiss Army Framework
Brent Shaffer
 
PPTX
Framework for hand gesture controlled video game
Vanjikumaran Sivajothy
 
PPTX
SEJ Summit 2015: Upgrade Your Platform Without Sacrificing Your Rankings by C...
Search Engine Journal
 
PPTX
Developing Enterprise Applications for the Cloud, from Monolith to Microservices
David Currie
 
PPTX
Platform & Application Modernization
JK Tech
 
PDF
Stateless authentication with OAuth 2 and JWT - JavaZone 2015
Alvaro Sanchez-Mariscal
 
PPT
Cloud Migration: Moving to the Cloud
Dr.-Ing. Michael Menzel
 
OAuth 2.0 (as a comic strip)
Brent Shaffer
 
OAuth2 - The Swiss Army Framework
Brent Shaffer
 
Framework for hand gesture controlled video game
Vanjikumaran Sivajothy
 
SEJ Summit 2015: Upgrade Your Platform Without Sacrificing Your Rankings by C...
Search Engine Journal
 
Developing Enterprise Applications for the Cloud, from Monolith to Microservices
David Currie
 
Platform & Application Modernization
JK Tech
 
Stateless authentication with OAuth 2 and JWT - JavaZone 2015
Alvaro Sanchez-Mariscal
 
Cloud Migration: Moving to the Cloud
Dr.-Ing. Michael Menzel
 

More from Vanjikumaran Sivajothy (9)

PPTX
Peaceful Distributed Microservice Architecture
Vanjikumaran Sivajothy
 
PPTX
Demystifying API Management for Serverless Services
Vanjikumaran Sivajothy
 
PPTX
Best Practice With PLSQL
Vanjikumaran Sivajothy
 
PPT
Sign Language recognition Presentation
Vanjikumaran Sivajothy
 
PPTX
Software architectures
Vanjikumaran Sivajothy
 
PPTX
Middleware Simplified
Vanjikumaran Sivajothy
 
PDF
Android development beyond the basics
Vanjikumaran Sivajothy
 
PPTX
Hello androidforyarlmeetup
Vanjikumaran Sivajothy
 
PDF
Foss con2011
Vanjikumaran Sivajothy
 
Peaceful Distributed Microservice Architecture
Vanjikumaran Sivajothy
 
Demystifying API Management for Serverless Services
Vanjikumaran Sivajothy
 
Best Practice With PLSQL
Vanjikumaran Sivajothy
 
Sign Language recognition Presentation
Vanjikumaran Sivajothy
 
Software architectures
Vanjikumaran Sivajothy
 
Middleware Simplified
Vanjikumaran Sivajothy
 
Android development beyond the basics
Vanjikumaran Sivajothy
 
Hello androidforyarlmeetup
Vanjikumaran Sivajothy
 
Foss con2011
Vanjikumaran Sivajothy
 
Ad

Recently uploaded (20)

PPTX
Introduction to Information and Communication Technology
AkmadArzieAyao1
 
PDF
An introduction to the IFRS (ISSB) Stndards.pdf
farhankhan13694
 
PDF
Triggering QUIC, presented by Geoff Huston at IETF 123
APNIC
 
PDF
Best Practices for Testing and Debugging Shopify Third-Party API Integrations...
CartCoders
 
PPTX
artificial intelligence overview of it and more
yafotin445
 
PPTX
international classification of diseases ICD-10 review PPT.pptx
naveenithkrishnan
 
PPTX
presentation_pfe-universite-molay-seltan.pptx
yahyamohibme
 
PPTX
522797556-Unit-2-Temperature-measurement-1-1.pptx
msar8888
 
PPTX
Digital Literacy And Online Safety on internet
riksa rifqi
 
PPTX
Introuction about WHO-FIC in ICD-10.pptx
naveenithkrishnan
 
PPTX
Slides PPTX World Game (s) Eco Economic Epochs.pptx
Steven McGee
 
PDF
Testing WebRTC applications at scale.pdf
Giacomo Vacca
 
PPTX
INTERNET------BASICS-------UPDATED PPT PRESENTATION
poonam62133
 
PDF
Unit-1 introduction to cyber security discuss about how to secure a system
shivangisharma636228
 
PPTX
Introduction about ICD -10 and ICD11 on 5.8.25.pptx
naveenithkrishnan
 
PPTX
innovation process that make everything different.pptx
SoumyadipPaul18
 
PDF
Automated vs Manual WooCommerce to Shopify Migration_ Pros & Cons.pdf
CartCoders
 
PDF
Cloud-Scale Log Monitoring _ Datadog.pdf
MuhammadDhomanhuriMa
 
PDF
Decoding a Decade: 10 Years of Applied CTI Discipline
Andreas Sfakianakis
 
PPTX
PptxGenJS_Demo_Chart_20250317130215833.pptx
itruongva
 
Introduction to Information and Communication Technology
AkmadArzieAyao1
 
An introduction to the IFRS (ISSB) Stndards.pdf
farhankhan13694
 
Triggering QUIC, presented by Geoff Huston at IETF 123
APNIC
 
Best Practices for Testing and Debugging Shopify Third-Party API Integrations...
CartCoders
 
artificial intelligence overview of it and more
yafotin445
 
international classification of diseases ICD-10 review PPT.pptx
naveenithkrishnan
 
presentation_pfe-universite-molay-seltan.pptx
yahyamohibme
 
522797556-Unit-2-Temperature-measurement-1-1.pptx
msar8888
 
Digital Literacy And Online Safety on internet
riksa rifqi
 
Introuction about WHO-FIC in ICD-10.pptx
naveenithkrishnan
 
Slides PPTX World Game (s) Eco Economic Epochs.pptx
Steven McGee
 
Testing WebRTC applications at scale.pdf
Giacomo Vacca
 
INTERNET------BASICS-------UPDATED PPT PRESENTATION
poonam62133
 
Unit-1 introduction to cyber security discuss about how to secure a system
shivangisharma636228
 
Introduction about ICD -10 and ICD11 on 5.8.25.pptx
naveenithkrishnan
 
innovation process that make everything different.pptx
SoumyadipPaul18
 
Automated vs Manual WooCommerce to Shopify Migration_ Pros & Cons.pdf
CartCoders
 
Cloud-Scale Log Monitoring _ Datadog.pdf
MuhammadDhomanhuriMa
 
Decoding a Decade: 10 Years of Applied CTI Discipline
Andreas Sfakianakis
 
PptxGenJS_Demo_Chart_20250317130215833.pptx
itruongva
 
Ad

OAuth2 simplified