Skip to Content
Solving Identity Management in Modern Applications: Demystifying OAuth 2, OpenID Connect, and SAML 2
book

Solving Identity Management in Modern Applications: Demystifying OAuth 2, OpenID Connect, and SAML 2

by Yvonne Wilson, Abhishek Hingnikar
November 2022
Intermediate to advanced
398 pages
9h 38m
English
Apress

Overview

Know how to design and use identity management to protect your application and the data it manages.

At a time when security breaches result in increasingly onerous penalties, it is paramount that application developers and owners understand identity management and the value it provides when building applications. This book takes you from account provisioning to authentication to authorization, and covers troubleshooting and common problems to avoid. The authors include predictions about why this will be even more important in the future. Application best practices with coding samples are provided.

Solving Identity and Access Management in Modern Applications gives you what you need to design identity and access management for your applications and to describe it to stakeholders with confidence. You will be able to explain account creation, session and access management, account termination, and more.
This expanded editionhas been revised to provide an overview of the new version of OAuth (2.1)―the primary changes in this version, including features that were removed from 2.1 that were in 2.0 and why they were removed. The discussion of the book's accompanying sample application has been revised to cover in more depth the approach for developing the application (also revised). A new section has been added on the OAuth 2.0 Device Authorization Grant (RFC 8628) specification, which is useful for devices with limited UI capability. Minor additions include the topics of identity proofing, the need to capture and organize consent information, the impact of tracking prevention technology on certain identity protocols, and the availability of additional options for authorization requests such as OAuth 2.0 Rich Authorization Requests and JWT-Secured Authorization Requests (RFC 9101).

What You’ll Learn
• Understand key identity management concepts
• Incorporate essential design principles
• Design authentication and access control for a modern application
• Know the identity management frameworks and protocols used today (OIDC/OAuth 2.0/2.1, SAML 2.0)
• Review historical failures and know how to avoid them

Who This Book Is For
Developers, enterprise or application architects, business application or product owners, and anyone involved in an application's identity management solution
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

AirBnbBlueOriginElectronic ArtsHomeDepotNasdaqRakutenTata Consultancy Services

QuotationMarkO’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.
Julian F.
Head of Cybersecurity
QuotationMarkI wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.
Addison B.
Field Engineer
QuotationMarkI’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.
Amir M.
Data Platform Tech Lead
QuotationMarkI'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
Mark W.
Embedded Software Engineer

You might also like

Solving Identity Management in Modern Applications: Demystifying OAuth 2.0, OpenID Connect, and SAML 2.0

Solving Identity Management in Modern Applications: Demystifying OAuth 2.0, OpenID Connect, and SAML 2.0

Yvonne Wilson, Abhishek Hingnikar
Cloud Native Data Security with OAuth

Cloud Native Data Security with OAuth

Gary Archer, Judith Kahrer, Michał Trojanowski

Publisher Resources

ISBN: 9781484282618Purchase LinkPublisher Website