Insanely good. I was already familiar with this concepts, but now I actually can communicate them to nontechnical personal. Great presentation!

Succinct and yet so illustrative! Learnt a thing or two about technical presentations too! Great presentation and presenter!

neat upload SpringDeveloper. I crushed that thumbs up on your video. Keep on up the really good work.

fantastic explanation of oauth and openid!!!

This is very useful even if I am a little bit above 5 :)

Awesome presentation!

@33:20 i'd say that a wrist band is the analog of an access token (you can go out and back in to the party) while for an id token that would be a badge (name & photo, etc)... 🙃

Really great explanation!!! Big thanks for making it

Yep, i am a 5 year old because this worked for me :) Thanks.

Nice explanation !!!

Great talk!

Great presentation!

The speaker explains: OAuth2 focusing on what a person can do, not who that person is. Later he tells, OIDC is extension of OAuth2 which implements the authentication, or identity. OIDC focus is to prove who someone, not what they can do. Am I the only one feel confused? Please correct me if I'm wrong, but in the original OAuth2 (without the OIDC extension) authenticating the user was the authorization-server responsibility. Based on the successful authentication, it could determine the authorities of the user. These authorities (stored in the issued token) provided information to the underlying services to make authorization related decisions. So what the OIDC add to this flow? What is the purpose of the separated access and id token. What problem this separation solves? What should we store on each and when should we use them? Can you please explain that like I'm 40+ year old, no need to lower down that much.

33:15 Why is the ticket booth is called authorization server? It checks your identity, so it should be authentication, right? Please correct me if my understanding is wrong, thanks!

It's top!👍

Awesome!

Thanks

I guess i need it explained to me as if I was a 2 yr old.

do you have any example using : (Client Initiated Backchannel Authentication, keycloak and spring boot) please

Why is AOL making me agree to these terms for my e-mail account?

goat

Can't the bearer token be of JWT format?

is slideshare broken? i can't open the slides :(

Where can I get the presentation so I can click the links? thanks!

Which 5-year-old kid can stand for almost 50 minutes of lecture???

boaring