4.18 OAUTH 2.0

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with

Already have an account? Sign In »

9 hours 48 minutes
Video Transcription
all right. Oh, so oh, off is a framework? And this framework was designed for authentication across federations and actually open I D Connect is built in to be part of a wall. But if you just focus on the authentication piece,
one of the things that go off gives us is the ability to delegate rights toe applications.
So, for instance, let's say I go to Spotify and I'm wanting to listen to some music, but I have to have an account.
All right, so it says, um, would you like to log in with Facebook? Sure.
Um and I'm not saying I advocate that. I'm just saying that's how it works. So when I log in Facebook, you know, just clicking abutments have happened to create a new account. And by the way, of course, Facebook is operating as my identity provider. Or more specifically, my open identity provider,
Right? Facebook's providing that identity service,
but when I do that, I'll get a message that says Spotify with, like, the update, your Facebook page. You know that function where it adds to your Facebook page. Hey, Kelly's listening to such and such song, right? It's a law that allows that delegation off permission or right
toe update my homepage. So Oh, all focuses. And just when that piece provides the frame or
for the next step from authentication specifically the authorization piece.
All right, so we talked about single sign on and managing ideas throughout the web. Right? We've talked about identity proofing with skim and S p m. L. We've talked about authentication with samel Open I d Connect and just briefly mentioned GPS bed for Microsoft products
and then
oh, off for authorization. So that's how we're gonna manage identity and access management in the cloud.
Up Next
Certified Cloud Security Professional (CCSP)

This Certified Cloud Security Professional (CCSP) certification course covers topics across six domains, to ensure the candidate has a wide range of competencies and is capable in the assessment and implementation of cloud service solutions.

Instructed By