The Survival Guide to Modern Apps AuthN and AuthZ specs - Boleslaw Dawidowicz

Video from Devoxx Poland 2019. Would you like to get up to speed with all currently relevant authentication and authorization standards related to modern applications, services and APIs? This session will give developers and architect necessary high-level understanding and allow to make educated choices from technologies and protocols based on business needs. Key applications,APIs, and application security best practices will be explained so you will know not only which to follow, but also how to not fall into common security traps. No prior deep technical knowledge required. Attendees will learn: * Single Sign-On (SSO) and Federations with SAML2 * Modern token-based security architecture * JOSE specs and JWTs (Json Web Token) * OAuth2 spec family including OpenID Connect and UMA2 (User Managed Access) * Current state and future of MultiFactor and of PasswordLess Authentication standards. FIDO Alliance & W3C WebAuthN - (U2F, UAF, CTAP1&CTAP2) Attendees will come away from this session prepared to integrate modern development and security techniques into their application development processes to provide secure services for their businesses.