Securing Web Apps Using PKCE With Spring Boot

Technology has a way of updating faster than security standards. OAuth 2.0 is the latest and greatest standard for modern applications, but it’s eight years old now! Its contributors are working on the next version as we speak, and in the meantime, they release “guidance” periodically to help developers use OAuth 2.0 with new technology.

Last year, the developers submitted two drafts of important pieces of guidance for OAuth 2.0. OAuth 2.0 Security Best Current Practices gives advice for securing modern apps with OAuth 2.0, and OAuth 2.0 for Browser-Based Apps focuses specifically on web app best practices.

Implement OAuth 2.0 Easily with Spring Boot and Spring Security

In this tutorial, you’ll migrate Spring Boot with OAuth 2.0 support from version 1.5.x to 2.1.x. Spring Boot 2.1.x promotes OpenID Connect to a first-class citizen in the stack, making implementation more accessible than ever. We’ll start with integrating Okta’s OAuth service using Spring Boot 1.5.19 and Spring Security 4.2.x and then replicate the same motion using Spring Boot 2.1.3 and Spring Security 5.1. To make the process even simpler, we’ll minimize the code and configuration even further with Okta’s Spring Boot Starter with Spring Boot 2.1.3. 

Three Minute Overview of OpenID Connect and OAuth 2.0

In the beginning, there were siloed web sites that didn’t talk to each other, and it was sad.

Integrate SSO With Spring Boot and OAuth 2.0


Single sign-on (SSO) is the standard nowadays, regardless of industry or company size. It might seem strange to think that SSO used to be available only to enterprise companies that could afford it.

Today, with service providers like Okta and enabling technologies such as OpenID Connect (OIDC) and OAuth 2.0, developers can easily integrate SSO into their websites and apps.