By learning and applying current security best practices you'll make an important step towards public-cloud-readiness and a future-proof "Zero Trust" architecture.
After the workshop you'll have created a production-ready, secure and GDPR-compliant setup that you can easily build upon and extend.
For that we'll use the Identity Provider Auth0, Azure Functions and the secrets management system Azure Key Vault but the concepts can easily be applied to other vendors' products.

You will learn:
- Fundamentals of modern Authentication & Authorization with OAuth 2 & OpenID Connect
- Secure a serverless API
- Access a secured API from a browser-based (Angular) web application
- Access a secured API from within a serverless microservice
- Apply RBAC (Role Based Access Control)
- Completely automated deployment of App, APIs and Identity Provider configuration using IaC (Infrastructure as Code)

- Participants will need a chair and a table to put their laptops on
- Participants will need WiFi
- Preferred duration: full day
- Minimum duration: half a day
- Level: Beginner and Intermediate
- Target audience: everyone interested in serverless and security
- Tags/Keywords: Serverless, Security, Identity & Access Management, Authentication, Authorization, OAuth 2, OpenID Connect, JWT, Role-Based Access Control, Zero Trust, Secrets Management, Auth0, Azure, Azure Functions, Azure Key Vault, TypeScript, Zero Trust Networks