Implementing Modern Identity
and Sign In with Apple
Ado Kukic
Developer Evangelist
Auth0
@kukicado
Identity Management Used to be Easy*
* Not really
[Diagram: legacy session login. The browser posts { username / password }, the server returns a session { sid 123 }, and later requests carrying { sid 123 } receive { html }.]
Modern Auth is Complex
Grant Types
Scopes
Auth Flows
OAuth 2.0
An open standard for access delegation, commonly used as a way for Internet users to grant websites or applications access to their information on other websites but without giving them the passwords.
OpenID Connect
An authentication layer built on top of OAuth 2.0, allowing clients to verify the identity of an end-user based on the authentication performed by an authorization server.
OAuth 2.0 Roles
Resource Owner
The entity that can grant access to a protected resource. Typically this is the end-user.
Resource Server
The server hosting the protected resources. This is the API you want to access.
Client
The app requesting access to a protected resource on behalf of the Resource Owner.
Authorization Server
The server that authenticates the Resource Owner, and issues tokens.
Traditional Web Application
Authorization Code Flow
[Diagram: Authorization Code Flow. Baseline: the app returns { html }. Authentication: the user is sent to the authorization server and redirected back to /callback?code={123}; the app exchanges the code for { tokens } and sets a session { sid 123 }. Authenticated: the app returns { html }.]
Public Clients
Android, iOS, SPA, Desktop
Authorization Code with PKCE Grant Flow
[Diagram: Authorization Code with PKCE. Baseline: { json }. Authentication: the client sends { code_challenge } with the authorization request and receives code={123}; it then presents { code={123} code_verifier } to the token endpoint. Authenticated: { json }.]
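As an added example (not from the talk), this is how the { code_challenge } / { code_verifier } pair from the PKCE slides is derived by the client and checked by the authorization server. It assumes the S256 method from RFC 7636; the code value 123 is taken from the slides and the exchange is simulated in memory.

```python
import base64
import hashlib
import hmac
import re
import secrets

# RFC 7636: verifier is 43-128 chars drawn from the unreserved URI set
VERIFIER_RE = re.compile(r"[A-Za-z0-9\-._~]{43,128}")


def generate_code_verifier(n_bytes: int = 32) -> str:
    """Client side: high-entropy random secret, kept in app memory only."""
    # base64url of 32 random bytes yields exactly 43 characters, no padding
    return base64.urlsafe_b64encode(secrets.token_bytes(n_bytes)).rstrip(b"=").decode("ascii")


def code_challenge_s256(verifier: str) -> str:
    """Client side: challenge = BASE64URL(SHA256(ASCII(verifier))) without padding."""
    digest = hashlib.sha256(verifier.encode("ascii")).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")


def verify_pkce(stored_challenge: str, method: str, presented_verifier: str) -> bool:
    """Authorization server side: recompute from the verifier sent with the token request."""
    if not VERIFIER_RE.fullmatch(presented_verifier):
        return False
    if method == "S256":
        expected = code_challenge_s256(presented_verifier)
    elif method == "plain":  # allowed by the RFC, but S256 should be required in practice
        expected = presented_verifier
    else:
        return False
    # constant-time comparison so timing does not leak the challenge
    return hmac.compare_digest(expected, stored_challenge)


def simulate_flow() -> dict:
    """Constructed in-memory version of the PKCE exchange on the slides (no network)."""
    verifier = generate_code_verifier()
    challenge = code_challenge_s256(verifier)
    # Authorization request carries { code_challenge }; the server stores it against the issued code
    issued = {"code": "123", "code_challenge": challenge, "code_challenge_method": "S256"}
    # Token request carries { code={123} code_verifier }: the real client succeeds ...
    legit = verify_pkce(issued["code_challenge"], issued["code_challenge_method"], verifier)
    # ... while a party that only saw the code and challenge cannot supply the matching verifier
    without_secret = verify_pkce(issued["code_challenge"], issued["code_challenge_method"],
                                 generate_code_verifier())
    return {"legitimate_exchange": legit, "code_only_exchange": without_secret}
```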
Refresh Token
Summary
Modern authentication is complex.
OAuth 2.0 offers solutions / flows for most use cases.
Implementing OAuth 2.0 can provide a competitive advantage.
Resources
OAuth 2.0 Official Website
https://oauth.net/2/
OAuth 2.0 Complete Guide
http://bit.ly/oauth-complete
Implementing Sign In With Apple with Auth0
http://bit.ly/auth0-apple
Thank You!
Demo Time
DT-X Talk
By Ado Kukic