Welcome my name is Anwer Khan and I will be your instructor throughout this course. Now I will talk straight to the point. Therefore, we will cover more in less time. In this course, we'll talk about the most common and useful approach to securing access to our APIs, and that's OAuth 2.0.
At first glance, OAuth seems hard, and it is, but we'll break it down into core concepts, how and where to apply it. ofcourse, there's no one size fits all solution. So, we'll cover the different flavours and extensions to OAuth that help it address things that you probably haven't even considered.
OAuth, which stands for “Open Authorization,” allows third-party services to exchange your information without you having to give away your password.
OAuth (Open Authorization) is an open standard for access delegation, commonly used as a way for Internet users to grant websites or applications access to their information on other websites but without giving them the passwords.
Generally, OAuth provides clients a "secure delegated access" to server resources on behalf of a resource owner. It specifies a process for resource owners to authorize third-party access to their server resources without providing credentials.
More and more, APIs are the foundation of our experience. Whether we're building customer facing mobile apps, updating existing web apps, integrating with that cool, new device, or thinking about microservices, we can't do that without APIs. Unfortunately, we rarely think about security and how we grant and revoke access. The consequences have already cost airlines, dating websites, and even governments hundreds of millions of dollars. You don't want to be next.
OAuth designed specifically to work with Hypertext Transfer Protocol (HTTP), OAuth essentially allows access tokens to be issued to third-party clients by an authorization server, with the approval of the resource owner. The third party then uses the access token to access the protected resources hosted by the resource server.
So, this is the best course available in udemy for OAuth 2.0. You will learn lots of new stuff that you have not considered.
So, I hope to see you in this course.
Learn OAuth2 and OpenID for mobile apps, web apps and also learn about the security risk associated with each grant type