Last weekend I spoke at @DDDMelbourne and it was my first time doing so. The event attracted close to 900 people and had 5 concurrent tracks. I spoke at the @JuniorDev channel about
DDD Melbourne is an inclusive non-profit conference for the software community.
On the website it says
Our goal is to create an approachable event that appeals to the whole community, especially people who usually don’t have the opportunity to attend, or speak at, conferences.
My talk was about modern authentication and how to leverage existing trust relationships with social networking web sites and other identity providers. I described the core concepts and then jumped in to a deep dive of JSON Web Tokens. I finished the talk by looking at
OpenIdConnect flows like
Auth Code Grant and
Client Credentials Grant. I briefly touched on recent additions to the OAuth 2.0 protocol like Token Exchange Flow and Device Code flow as well.
The abstract is as follows.
There has never been more emphasis in security than in the modern environment of distributed computing and increased sharing of data. Our data does not sit inside silos consumed by one application anymore. In this context the modern distributed applications need to securely access protected resources without having to share passwords. We need scalable solutions that work with things like single page applications. We will dive in and explore terms like
JWTand how they relate to authentication and authorisation. This presentation hopes to give you a good understanding of what, where and how to get started with the modern approaches to authentication.
You can download the slides from here
A big thanks for everyone who helped organize this event and the everyone who came to listen to my talk. It was the 10th consecutive year of running DDD Melbourne and everyone seemed to thoroughly enjoy it. If you have any thoughts + feedback about my talk or the event in general please feel free to leave it here or send them my way via twitter @dasiths.