From the course: Web Security: OAuth and OpenID Connect


Security considerations


- [Instructor] Now let's talk about how to properly secure the Client Credential Flow. I'm not going to walk through a full security audit of your application, 'cause that would depend on the language and framework chosen, the configuration of your servers, and a bunch of other things outside the scope of an OAuth course. Regardless, you should look at audit, penetration tests, and other practices to make your apps more secure, but back to the course. First, you should always remember that we are dealing with credentials, so your communication should be secure using mechanisms such as TLS. Even though these connections are done entirely on the backend, where the user can't see or interact with them, there are still bad actors out there. Which actually brings another security benefit: since no users are ever interacting with this flow directly, there's no way they can compromise it by accident or on purpose. But there's also a…
