All sessions are in PDT (UTC -7)
Wednesday, September 9 • 10:20am - 10:50am
Not your Uncle's Auth: OAuth2.1 and Other Updates in Securing Your API - Vittorio Bertocci, Auth0

OAuth 2.0 and adjacent technologies, such as the JWT format, have been extraordinarily successful in providing a viable mechanism for authorizing API calls in a wide variety of scenarios.
The lax nature of the specification, however, left a lot as an exercise for the reader, which resulted in many insecure and non-interoperable deployments. The standards group worked to fill the gaps by releasing a sequence of addenda to the core spec, fleshing out new scenarios (native clients, SPAs), security recommendations and more, making it very hard for implementers to keep up with what's really needed to develop secure solutions.
OAuth 2.1 is a proposed update to the core spec that folds the most salient new guidance back in; together with important new updates, such as a profile detailing how to use JWT tokens in OAuth in an interoperable fashion, it represents a new breed of guidance that will streamline your API security strategy. Come to this session to learn about those changes and how you can take advantage of them in your solution!

Speakers
Vittorio Bertocci

Principal Architect, Auth0
Vittorio Bertocci is a Principal Architect for Auth0. Before Auth0, he had a lengthy career with Microsoft, where Vittorio worked with Fortune 100 and Global 100 companies, including working on Microsoft’s Azure Active Directory team as principal program manager focusing on the...


Wednesday September 9, 2020 10:20am - 10:50am PDT
TBA