9:45 AM Saturday Room: RE-311Having trouble scaling because of server-based sessions? Token authentication removes the burden of storing session state on the server. Want to make the switch to token authentication, but don’t know how? A what the heck is OAuth, anyway?
In this talk, Nate Barbettini, .NET Developer Evangelist at Stormpath, will demystify token authentication and cover topics such as:
- What is OAuth?
- OAuth2 tokens and grant types
- Why JWTs make great OAuth2.0 tokens
- Protecting against XSS (cross-site scripting) attacks
- Protecting against CSRF (cross-site request forgery) attacks
You’ll learn how to use OAuth2.0 and signed JWTs to create a scalable and secure authentication and authorization layer for your application. Nate will demonstrate these points with a simple single-page application built with ASP.NET and Web API.