- Популярные видео
- Авто
- Видео-блоги
- ДТП, аварии
- Для маленьких
- Еда, напитки
- Животные
- Закон и право
- Знаменитости
- Игры
- Искусство
- Комедии
- Красота, мода
- Кулинария, рецепты
- Люди
- Мото
- Музыка
- Мультфильмы
- Наука, технологии
- Новости
- Образование
- Политика
- Праздники
- Приколы
- Природа
- Происшествия
- Путешествия
- Развлечения
- Ржач
- Семья
- Сериалы
- Спорт
- Стиль жизни
- ТВ передачи
- Танцы
- Технологии
- Товары
- Ужасы
- Фильмы
- Шоу-бизнес
- Юмор
Loek Duys | Five things every developer should know about using JSON Web tokens
This session from the Update Conference dives deep into the world of JSON Web Tokens (JWTs) and their crucial role in modern application security, particularly within the .NET ecosystem. The speaker, Loek Duys, demystifies JWT structure, explains the responsibilities of Identity Providers (IDPs), and guides you through various OAuth2 grant flows for both human and system accounts. Through practical .NET demonstrations, you'll learn about token validation, asymmetrical cryptography, and how permissions are managed. The session also tackles common token abuse risks and introduces the powerful Back-end for Front-end (BFF) pattern for enhanced security. This is an essential watch for developers looking to secure their APIs and understand authentication best practices.
--
01:07 Introduction to JSON Web Tokens (JWT)
02:19 Structure of a JWT
02:42 Decoded JWT and its components
05:29 Identity Provider (IDP) and its responsibilities
06:10 Clients in IDP and their configuration
07:09 Application Integration Endpoints for IDP
07:55 Deciding which grant flow to use
08:47 Creating a JWT for a human account (Authorization Code Grant Flow)
10:01 Creating a JWT for a system account (Client Credentials Grant Flow)
11:35 Demo: Using tokens in .NET (SPA Front-end and API)
16:41 Token Validation and Asymmetrical Cryptography
18:03 Hashing and its features
19:27 Signature proves validity (RSA and SHA-256)
22:52 JWT Audience (Sender and Recipient)
23:58 Permissions (Scope and Resource Permission)
32:38 Token Flavors (Access, Identity, Refresh Tokens)
33:17 Where JWTs are used in an application
34:17 User Consent and its impact on tokens
34:44 Demo: Consent & Three token types
36:37 Examples of Token Abuse and Mitigation
38:16 Back-end for Front-end (BFF) Pattern
39:36 Demo: BFF in action
~
https://www.linkedin.com/company/update-conference/
https://www.instagram.com/update_conf/
https://x.com/update_conf
https://www.facebook.com/updateconference
Видео Loek Duys | Five things every developer should know about using JSON Web tokens канала Update Conference
--
01:07 Introduction to JSON Web Tokens (JWT)
02:19 Structure of a JWT
02:42 Decoded JWT and its components
05:29 Identity Provider (IDP) and its responsibilities
06:10 Clients in IDP and their configuration
07:09 Application Integration Endpoints for IDP
07:55 Deciding which grant flow to use
08:47 Creating a JWT for a human account (Authorization Code Grant Flow)
10:01 Creating a JWT for a system account (Client Credentials Grant Flow)
11:35 Demo: Using tokens in .NET (SPA Front-end and API)
16:41 Token Validation and Asymmetrical Cryptography
18:03 Hashing and its features
19:27 Signature proves validity (RSA and SHA-256)
22:52 JWT Audience (Sender and Recipient)
23:58 Permissions (Scope and Resource Permission)
32:38 Token Flavors (Access, Identity, Refresh Tokens)
33:17 Where JWTs are used in an application
34:17 User Consent and its impact on tokens
34:44 Demo: Consent & Three token types
36:37 Examples of Token Abuse and Mitigation
38:16 Back-end for Front-end (BFF) Pattern
39:36 Demo: BFF in action
~
https://www.linkedin.com/company/update-conference/
https://www.instagram.com/update_conf/
https://x.com/update_conf
https://www.facebook.com/updateconference
Видео Loek Duys | Five things every developer should know about using JSON Web tokens канала Update Conference
Комментарии отсутствуют
Информация о видео
29 июля 2025 г. 14:53:14
00:43:20
Другие видео канала
![[MAUIUIJULY] MAUI Form-factor customizations](https://i.ytimg.com/vi/YdjOx6SmKco/default.jpg)
[MAUIUIJULY] MAUI Form-factor customizations
UPDATE DAYS | With implementing AI comes some awesome benefits #ai #developers
Vojtěch Kožuch: .NET Interactive | MeetUpdate
Crux Conception: Team Dynamics & Communication Skills (Project Productivity & Leadership)
Michal Tichý: Párové programování s AI | MeetUpdate
Update Days: Legacy aplikace - Aftermovie
Update Conference Prague 2020 - Book Your Tickets
Update Days: Corestart 6.0 - Aftermovie
Peter DROUGGE: A lap around Azure Machine Learning services @ Update Conf Prague 2018
Mabrouk Mahdhi | Code Complete: The Day AI Writes Your Next App!
Jonathan Tower | How to Avoid Doing Microservices Completely Wrong
Tom van den Berg | Your .NET App Is Probably Vulnerable Right Now
How to watch the Update Now conference
Update Days: Legacy Aplikace - Pozvánka na workshop
Adam SITNIK: Solving .NET performance issues | UCP2019
Update Conference built by developers, for developers - | 13 - 14 Nov 2025 | Prague/Online
Adam Małek: Why do we need Machine Learning in IDEs? | MeetUpdate
Update Days: MAUI | 23 - 24 March | Prague/online
Update Conference Prague 2023 - Aftermovie #dotNET #cloud #security #software #development
Meet Gerald Versluis at #UCP25
Update Conference Prague 2023 | 23 - 24 November | JOIN US
