Identity as a Service for Apps, Cloud and APIs
Signup and login with your Google, Yahoo, or Microsoft account can be found in more and more web apps and mobile apps. For me as an end user, this is so attractive, since I do not need to fill in another signup form, I do not need to create a new username and I do not need to remember yet another password. I can just use my existing account that I use every day. As a result: Signup and login to new and existing apps is a smooth and convenient process.
For the developers of web apps and mobile apps, this signup and login feature is attractive, too: (1) they do not need to manage user credentials themselves (i.e. manage secure servers, provide support for lost passwords etc.), and (2) they get a higher conversion rate and more new customers, since the barrier of signup has been lowered substantially. In effect this means (1) cutting cost and (2) increasing new customers.
So how does this feature “Signup and login with Google, Yahoo, or Microsoft” work? It is realized with OpenID Connect, a standardized protocol for sharing end-user data in a secure and controlled manner. Exploring how OpenID Connect works and how we can use it, is the subject matter of this book.
This book explains the overall concept of OpenID Connect so we understand what those important concepts are, who the actors are, which endpoints and tokens are involved and how those elements fit together and interact in so-called flows. We visualize these flows and help you chose the flow that is appropriate for your given scenario. We study the ID Tokens, the claims they contain, how they can be obtained and how they are constructed and verified as JWT, JWS, and JWE.
In short, we will study the nitty-gritty details of OpenID Connect, that are needed to get your app to work with OpenID Connect. And OpenID Connect is required to create smooth login and signup experiences for your prospects, to increase the customer signup rate and to create highly converting apps.
The API-University Series is a modular series of books on API-related topics. Each book focuses on a particular API topic, so you can select the topics within APIs, which are relevant to you.
Keywords: OpenID Connect, REST, API, JWT, Token, Identity, OAuth
Get the Book
Download PDF $29.99
Title: OpenID Connect – Identity Layer for your APIs