Authorization and authentication are two of the main problems in modern web application security. Both were solved by OAuth 2.0 and OpenID Connect (OIDC). Because these protocols are fundamentally complicated and their implementations vary, developers can end up making mistakes. I want to discuss some details in the specs that may lead to misconceptions, and also go over common mistakes.
.NET Developer, Web-based Security
I am a graduate of Software Engineering, with a career focus on back-end development and architecture. I’m passionate about designing and developing solutions that positively impact the user.