Are you lost in the alphabet soup of authentication? OAuth, OIDC, JWTs, API Keys, HMAC, SAML - the list goes on.

This session cuts through the jargon and explains modern authentication in clear, practical terms. We'll compare the most common techniques, highlight the problems they solve, and show how they build on the same core concepts.

Finally, we'll connect the dots and show how these concepts apply to today's web apps, including single-page applications (SPAs) using the backend-for-frontend (BFF) pattern.

No coding experience required! This session focuses on fundamentals, explained in a way that's accessible to developers, architects, and anyone who works with technology.

I've been a "security minded" developer for many years and remember being very frustrated and confused when I couldn't find a clear, easy-to-follow guide to picking an authentication strategy for my apps.

Since then I've done a bunch of research and worked with a bunch of different security techniques, so I designed this as the clear, easy-to-follow guide that I so desperately wanted back then. I think it will help a lot of developers (and non-devs) understand how things work at a fundamental level.