If you're like me, you've heard about OAuth 2.0 and OpenID Connect, but have a lot of unanswered questions. What's the big deal, anyway? Why do we need yet another set of standards for authentication on the web?
In this talk, I'll break down the rationale behind OAuth and OpenID Connect in plain language, and explain when and how you should use these standards in your applications. I'll cover grant types, flows, scopes, tokens, and more. If you've ever felt confused about how these standards work, this talk is for you!