Web Security and Access Management: JWT, OAuth2 & OpenId Connect

Gain insights into JWT, OAuth2, and OpenID Connect. Learn about HTTPS, encryption, and handshake techniques, and explore foundational concepts in web API security for enhanced application protection.

Intermediate

28 Lessons

Certificate of Completion

Gain insights into JWT, OAuth2, and OpenID Connect. Learn about HTTPS, encryption, and handshake techniques, and explore foundational concepts in web API security for enhanced application protection.

AI-POWERED

Explanations

AI-POWERED

Explanations

This course includes

18 Code Snippets

This course includes

18 Code Snippets

Course Overview

Web application developers are always on the lookout for ways to secure their applications. It has become the most fundamental part of any web application considering the rise in the number of cyber-attacks. This course will be your handy guide to the basic terminologies and frameworks related to web application security. In this course, you will learn what JWT is, how a JWT is created, and what benefits it provides in token-based authentication. You will learn about why HTTPS was introduced and how it re...Show More

Course Content

Getting started with Web Application Security

Get familiar with fundamental web application security threats and essential mitigation techniques.

Introduction

Cross-site Scripting Attack (XSS)Cross-site Request Forgery (CSRF)Denial-of-Service Attack

HTTPS Basics

Unpack the core of encryption, SSL certificates, HTTPS, and the functionality and concerns of cookies.

What is Encryption?Understanding SSL certificates What is HTTPS, and How Does it Work?What are Cookies?

JSON Web Token

Examine the use of JSON Web Tokens (JWT) for secure authentication, validation, and key management.

Session-based Authentication Token Based Authentication JWT - JSON Web Token JWT Validation Stolen JWTs Cryptographic Key Management Hacking JSON Web Tokens

OAuth

Grasp the fundamentals of OAuth’s authorization framework, terminologies, and various grant types.

OAuth Introduction OAuth Terminologies Authorization Code Grant Type Implicit Grant Type Client Credentials Grant Type Resource Owner Credentials Grant Refresh Token Grant

OpenID Connect

Take a look at OpenID Connect's authentication, flow types, and core terminologies.

OpenID Connect Introduction OpenId Connect Terminologies Authorization Code Flow for Authentication Implicit Code Flow for Authentication Hybrid Code Flow for Authentication

Conclusion

1 Lesson

Express gratitude and invite feedback to enhance engagement and learning experience.

Course Author

Trusted by 1.4 million developers working at companies

Anthony Walker

@_webarchitect_

Emma Bostian 🐞

@EmmaBostian

Evan Dunbar

ML Engineer

Carlos Matias La Borde

Software Developer

Souvik Kundu

Front-end Developer

Vinay Krishnaiah

Software Developer

Eric Downs

Musician/Entrepeneur

Kenan Eyvazov

DevOps Engineer

Anthony Walker

@_webarchitect_

Emma Bostian 🐞

@EmmaBostian

Hands-on Learning Powered by AI

See how Educative uses AI to make your learning more immersive than ever before.

Instant Code Feedback

Evaluate and debug your code with the click of a button. Get real-time feedback on test cases, including time and space complexity of your solutions.

AI-Powered Mock Interviews

Put your skills to the test in a simulated interview setting. Receive personalized feedback based on your performance. Available in Premium & Premium Plus plans.

Adaptive Learning

At various checkpoints throughout Educative courses, you will be prompted to take a quick assessment. Receive a condensed curriculum tailored to your strengths and skill gaps.

Explain with AI

Select any text within any Educative course, and get an instant explanation — without ever leaving your browser.

AI Code Mentor

AI Code Mentor helps you quickly identify errors in your code, learn from your mistakes, and nudge you in the right direction — just like a 1:1 tutor!