There's no shortage of information out there on OAuth and OpenID Connect. Much of it is not helpful for people not already familiar with the standard. This talk takes you through it all - in plain English, including a “Live Action OAuth Theater” segment (https://www.youtube.com/watch?v=NYzf2JBdUM8) in which volunteers act out a common OAuth interaction.

If you’ve ever tried to search for information on OAuth and/or OpenID Connect, you’ve probably encountered deep dive code examples or references to the specifications. The specifications are great if you’re building OAuth from scratch or suffer from insomnia. Many examples focus on just code, rather than concepts. These types of resources are not useful for understanding the concepts and historical backdrop for why OAuth and OIDC exist.

In this talk we start with the foundations of federated and delegated authentication and authorization, work our way through concepts and foundations for OAuth and OIDC and end with some practical demonstrations of the standards in action.