Johannes Brodwall - Who's your user? OpenID from the ground-up

There are few systems that can provide any value without knowing who the user is. But if you create yet another system that stores a password for your users, you are probably doing your users, yourself and your organization a huge disservice. And as organizations move from few monolithic services to distributed systems, having an integrated view of the user identity becomes essential. Modern identity providers all implement the OpenID Connect. The effect is that authorizing with a social login provider like Google, Twitter or Github requires exactly the same steps as authorizing with an organizational identity provider like Microsoft Active Directory, an identity service run inhouse like Keycloak or a national idneity provider run by the government. This talk helps you understand the OpenID Connect protocol with a solid foundation of discovery documents, code flow, authorization and token endpoints and JSON web tokens. From this foundation, we discuss the different levels of trust we can place in different identity providers as well as how you register your application with different identity providers. After watching this talk, you will know the benefits of using an Open ID Connect provider and the steps necessary to sign up with the most useful providers and how to implement and troubleshoot the integration of your system with an identity provider. The demo application for the presentation is located at https://github.com/jhannes/identity-fun