Part 2: Building an OAuth Application and API


This session includes a deep dive on the Authorisation Code flow with PKCE, as well as refresh tokens and how to use OpenID Connect to learn the user's name and email address. We'll demonstrate building a simple OAuth client application to get an access token and log the user in. We’ll also build a functioning API that validates access tokens and returns private data. We’ll conclude with a discussion of the various options for access token lifetimes and different ways to validate access tokens, talking about the tradeoffs of each.

Part 2: Building an OAuth Application and API Thumbnail

By submitting, I agree to the processing and international transfer of my personal data by Okta as described in the Privacy Policy.