OAuth-2 og OpenID Connect: oversikt og praktisk innføring
Jørgen Binningsbø, seniorrådgiver, DIFI forteller om hvordan ID-porten/Maskinporten bruker Oauth2 for å sikre APIer i oﬀentlig sektor. Johannes Brodwall, Sopra Steria, gir en praktisk innføring om hvordan Oauth2 kan brukes.
arrangeres av Shiraz A. Bhaiji og resten av fagfolkene fra faggruppen Løsnings- og integrasjonsarkitektur
Outh2 i ID-porten
Jørgen Binningsbø, seniorrådgiver, DIFI
Jørgen Binningsbø er produkteier for ID-porten. I dette foredraget forteller han litt generelt om ulike Oauth2-mekanismer og hvordan disse blir brukt v ID-porten/Maskinporten for sikre APIer i oﬀentlig sektor.
Johannes Brodwall, Sopra Steria, gir en praktisk innføring om hvordan Oauth2 kan brukes
When you implement a solution that requires you to identify your users, you are almost always better off using an existing user storage instead of creating your own. With Oauth2 and OpenID Connect, this becomes easy. Identify users who are a member of your organization or that of any of your customers? Easy! (As long as they use Azure Active Directory. Chances are they do) Identify users who are members of a Slack team? Piece of cake! To identify Norwegian residents? Trivial (as long as you are a governmental service). In this hands-on talk, Johannes takes you through the steps of using Oauth2 and OpenID Connect to integrate with four popular identity providers: Google, ID-porten, Azure Active Directory and Slack. There will be hands-on step by step walkthrough of how you understand identity providers, from the business concept of trust, to the architecture of Oauth2, to the code to implement the authentication flow. Johannes Brodwall works as principal software engineer for Sopra Steria Norway where he builds software. Johannes has been working as a programmer, architect, agile coach and programmer again for 15 years. He has worked as architect in large public sector projects to create nationally strategic infrastructure, in small 1-2 person private sector teams to create internal apps to improve work processes and everything in between.