Session

Tired of getting confused about concepts like authentication, authorization, access tokens, ID tokens, client credentials, OpenID Connect, and OAuth2.0? In this talk, you’ll learn how they come into play for the different scenarios so you never get confused again.

Unless you work implementing authorization and authentication flows on a daily basis, chances are that you don’t know the different types of flows your application could follow. In general, Pythonistas see every application as an API and there’s nothing wrong with that until you need to implement such flows on your application.

In this talk, you will see how an API differs from a regular web application. We will dive into the differences between implementing a simple protected API to a web app with a front-end, login, and logout. You’ll understand key concepts like access tokens, client credentials, OpenID Connect, OAuth2.0, and how they come into play for the different scenarios.

If you are tired of getting confused by all of these concepts, this talk is for you.