From the course: Web Security: OAuth and OpenID Connect
Join today to access over 24,600 courses taught by industry experts.
Lab: Build an example (web app or Postman) - OAuth Tutorial
From the course: Web Security: OAuth and OpenID Connect
Lab: Build an example (web app or Postman)
- [Instructor] As I noted earlier, the authorization code flow is my favorite grant type. Not because it's simple, but because it's effective. The third party application never sees our credentials and the end user never sees the access token. It's a good combination. For this example, we're going to keep it simple and use Postman to interact with our Auth0 configuration. In addition to this video, I have the step-by-step instructions and the sample code for this course. Within the project, simply find README-auth-code, and this has the step-by-step instructions detailing every field and what it should be set to. So with that, let's go ahead and dive in. First of all, we have to start within our Auth0 configuration. So go to Applications, application, and we'll choose our default app. All right, first in auth0 we want to go ahead and grab our domain. So we copy that and we go back to Postman. On the Postman side of…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.
Contents
-
-
-
-
-
-
(Locked)
Overview: Authorization Code Flow1m 58s
-
(Locked)
When should you use this?1m 40s
-
(Locked)
Lab: Build an example (web app or Postman)4m 11s
-
(Locked)
Auth-Code and PKCE overview2m 25s
-
(Locked)
When should you use PKCE?1m 37s
-
(Locked)
Lab: Build an example (native app or spa)3m 39s
-
(Locked)
Security considerations2m 17s
-
(Locked)
-
-
-
-
-
-