OAuth 2.0 is at the heart of OpenID Connect, Mobile Connect, UMA and many other popular standards. Understanding the threat landscapes in OAuth 2.0 is essential in building a secured identity infrastructure. This talk will guide you through multiple attacks that took place over last couple of years, their root causes and how to mitigate any future security exploits by following best practices.
Learning Objectives: 1: Learn OAuth 2.0 fundamentals. 2: Understand what can go wrong with OAuth 2.0 implementation. 3: Explore security best practices and guidelines.