Nemanja Tomic - Blogging About Tech

Posts

Deep Dive Into OAuth and OpenID Connect

Welcome to the second part of the Identity and Access Management (IAM) trilogy. Today, we will explore the best practices for two key protocols: OAuth 2.0 and OpenID Connect (OIDC). The two protocols are very similar to each other, but still complex on a technical level. Many of you have used one or the other at some point.

There are a lot of tutorials about this topic, especially OAuth. But many of them are full of jargon and contain false information. There are two reasons for this. First, authentication and authorization are themselves complex topics. They require a lot of background information to even begin with. Second, the protocols can be implemented in many different ways. This makes it hard to deliver a good tutorial that covers most aspects of the technology. I wanted this article to be clear and accurate for software developers and beginners. So if you work in or around tech, this article is for you.

Cookies and JWTs - Use Cases and Practical Example in C#

Welcome to the third and final part of my Identity and Access Management (IAM) trilogy. In the last two parts, we defined what authentication and authorization are. We also discussed two very important protocols, OAuth 2.0 and OpenID Connect, for managing authentication and authorization via third-party apps.

This covers most of the key aspects of authentication and authorization. However, there is still one important puzzle piece missing, and that is persisting a session after a user logs in.

Identity and Access Management: Authentication and Authorization

Welcome to the first part of my short trilogy about the topic of identity and access management (IAM). In this series, we’ll look at the best ways to manage users. We’ll also discuss how to handle secure user sessions in today’s IT world.

The first part gives an overview. It covers authentication and authorization. You will gain the fundamental knowledge required for the more complex topics.

The second part will be about what the workflow for authorizing users looks like. We’ll look at how to enable secure user authorization. We’ll use standards like OAuth and OpenID Connect (OIDC). Passkeys will also be a very interesting topic here, so stay tuned.

How I Manage All My Configuration Files

At one point or another, every developer will have to set up their workspace on a completely new machine. The reason could be anything, but what is certain is that this day will come sooner or later. And when it comes, be sure to have prepared for it so it doesn’t take you days, but hours at most.

How do we prepare for it? Well, the biggest workload when setting up a workspace is configuration. It takes time to set up partitions or install mandatory applications. But the biggest gotcha is configuring your applications to fit your needs. Be it a simple VS Code config file or a complete Neovim IDE, it does not get better the longer you work in this field.