Demystifying Authorization and Authentication Flows

OAuth, OpenID Connect, and SAML: A basic primer...

Updated 2019-08-01: In this video, I positioned the OAuth and OpenID Connect Implicit Flow as an implementation strategy for single-page web applications. Going forward, the new PKCE flow should be used for any new implementations involving public clients such as mobile applications and SPAs. Check out this Okta developer blog article for more details.

At the end of every two-week MindTouch Engineering sprint, Patty Ramert hosts Last Sprint Today: a chance for us to share with other MindTouchers what we’ve learned, anything we are working on, or any technical topic of interest. This week, I presented an introduction to the differences between three common authorization and authentication standards for Single Sign-On.

Slides: