[NEW] Spring Security 7 + OAuth2 + JWT + Auth0 + Keycloak

Full Stack Angular + Spring Boot 3 + Microservices Security, OIDC, RBAC, Social Login, CSRF, CORS, Pre/Post Authorize POCs

$12.99 (91% OFF)

About This Course

What are we going to cover

Spring Security Basics

  • Master Security
  • Security in Spring Boot & Microservices
  • Why Security for your spring boot app?
  • What is Spring Security?
  • Key Spring Security Concepts
  • Authentication
  • Authorization
  • Servlet Filters
  • What are its alternatives?
  • Security Implementation - Whose responsibility
  • Let’s get started !
  • Why 401 ?
  • Summary
  • Spring Security: Convention-over-Configuration
  • Key Participants in Authentication Framework
  • Flow of Authentication in Spring Security
  • Spring Security Auto-configured Beans
  • UserDetailsService
  • PasswordEncoder

Spring Security Configuration

  • Introduction to POC 2
  • Overriding Default Configurations
  • Customizing Spring Security Configuration
  • Why Authentication Fails Now
  • Fixing Authentication Step by Step
  • Define User Credentials
  • Adding User to InMemoryUserDetailsManager
  • Defining a PasswordEncoder Bean
  • Why Avoid HTTP Basic Authentication?

User Management

  • User Management
  • User Management Components
  • UserDetails
  • UserDetailsManager
  • User
  • Customising User Details Service
  • POC 3
  • Creating User & Authority Table
  • Mapping User & Authorities table
  • Why Authorities are eagerly fetched
  • Fetch saved Authorities from SecurityContext

Authorization

  • Authorization
  • How Authorization works
  • What are we going to learn
  • GrantedAuthority
  • Difference between Authorities and Roles
  • Authorization implementations level
  • Endpoint Level Authorization

Security Filter Chain

  • Security Filter Chain
  • Defining a Filter Chain
  • Modifying Filter chain
  • Why still 403 ?
  • anyRequest().authenticated()
  • anyRequest().permitAll()
  • anyRequest().hasAuthority()
  • anyRequest().hasAnyAuthority()
  • Role
  • anyRequest().hasRole()
  • anyRequest().hasAnyRole()
  • 401 VS 403
  • anyRequest().access()
  • Advantage of anyRequest().access()
  • Disadvantage of anyRequest().access()
  • anyRequest().denyAll()

Request Matchers

  • Matcher Methods
  • List of All Matcher Methods
  • Request Matcher
  • Request Matcher Methods
  • Real-life analogy
  • How requestMatchers() works in this setting
  • Code Block

Types of Matchers

  • Ant Matcher
  • ANT Matcher Methods
  • Why it was popular
  • Example in Spring Security 5.x
  • Why Deprecated in Spring Security 6+
  • MVC Matcher
  • MVC Matcher Methods
  • Why it was used
  • Regex Matcher
  • regexMatchers()
  • Why use it
  • Dispatcher Type Matcher
  • Purpose - What is DispatcherType
  • Servlet Path Matcher
  • Purpose
  • Is it any relevant in spring boot app?
  • Combining all Matcher methods

Method Level Security

  • Authorization at the method level
  • Where do we stand now?
  • Can Spring Security Be Used in Non-Web Applications?
  • Where Can You Apply Method Security?
  • Why Use Method Security?
  • Role of Authentication in Enabling Method Security
  • Why Not Use permitAll() with Method Security
  • Code snippet
  • Enabling method security
  • New way of enabling Method level Authorization
  • What Happens Behind the Scenes
  • Why Called “Aspect Behind the Scene”?
  • Prevent GOD class with Method level Authorization?
  • Best Practice
  • Priority of Rules: Security Config vs Method-Level Authorization
  • Performance Consideration: Method-Level vs Filter-Level Authorization
  • How Method-Level Security Goes Beyond Filters
  • Multi-line @PreAuthorize for Complex Security Rules
  • Disadvantages of Multi-line rules
  • Moving Beyond SpEL: Bean-Based Security Checks
  • Post Authorize
  • Difference Between @PreAuthorize and @PostAuthorize

Filters in Method Security

  • Pre filter
  • Pre filter - Key Pointers
  • Postfilter - Key Pointers
  • Post Filter Pitfalls
  • PreFilter VS PostFilter
  • @Pre/@PostAuthorize VS @Pre/@PostFilter

OAuth 2 & OIDC Basics

  • OAuth 2 & OIDC
  • Basics
  • Actors/Roles in OAuth2
  • OAuth 2 Flow
  • The OAuth 2.0 Solution
  • Why this is powerful
  • Steps in OAuth 2
  • How to get the token?
  • Heart of how OAuth2 + Spring Security works
  • Grant types
  • Types of Grant types
  • Deprecated Grant types
  • OAuth’s Main Security Principle
  • Why Password Grant Type Is Deprecated
  • Modern Replacement
  • Why Implicit Grant Type Is Deprecated
  • Summary

Authorization Code Flow

  • Authorization Code Flow
  • What Is the Authorization Code Grant Type?
  • Step-by-Step Flow
  • Advantages
  • Disadvantages

Authorization Code Flow with PKCE

  • What is PKCE
  • Why PKCE was introduced
  • The Players
  • Authorization Code Flow with PKCE — Step by Step
  • How PKCE Prevents Attacks
  • How Verifier & Challenge Work
  • Real-World Analogy: The Locker & Key
  • Summary of PKCE Flow
  • Authorization Code vs Authorization Code + PKCE
  • Points to remember

Client Credentials Flow

  • Client Credentials Grant Type
  • What is Client Credentials grant
  • When to use it
  • The Actors
  • Flow (step-by-step)
  • Typical token response
  • Client authentication methods with AS
  • How Scopes → Authorities Mapping Works
  • Scopes & authorities
  • Tokens: JWT vs opaque
  • Security considerations / best practices
  • Pitfalls & gotchas

Refresh Token Flow

  • Refresh Token Grant Type
  • What is a Refresh Token?
  • Why Refresh Tokens Exist
  • Who uses the Refresh Token flow?
  • Refresh Token Grant Type Flow
  • Static (Reusable) Refresh Tokens
  • Rotating (One-time) Refresh Tokens
  • How OAuth2 servers decide
  • What clients must do
  • Key Token Lifetimes
  • Why Refresh Tokens Are Sensitive
  • Refresh Token Flow vs Access Token Flow

Tokens

  • What is opaque token?
  • How opaque token Works?
  • Introspection response
  • Non-opaque tokens vs opaque tokens

JWT

  • JWTs
  • What is a JWT?
  • The basic structure of a JWT
  • How JWT works
  • JWT signing methods
  • Common JWT claims
  • How JWTs are verified
  • Private and Public keys
  • What is /jwks.json?
  • Why JWTs are so popular
  • Limitations / Pitfalls

OIDC

  • OIDC
  • What is OIDC
  • Authorization code flow with PKCE
  • Real-world example (Google Login)
  • Why OIDC exists
  • What OIDC Actually Is
  • Core Components in OIDC
  • ID Token
  • Standard Claims in ID Token
  • OIDC Scopes
  • OIDC Endpoints
  • Benefits of OIDC
  • Common pitfalls
  • Nonce
  • Why Nonce

SSO

  • SSO
  • What is SSO
  • Actors in SSO
  • Steps in SSO
  • Why SSO works
  • Common Pitfalls Of SSO
  • Security benefit of SSO
  • SSO Logout Scenarios
  • Why OAuth2 + OIDC are REQUIRED for SSO

CSRF

  • CSRF
  • What is CSRF
  • Core browser behavior
  • Why CSRF is dangerous
  • How websites stop CSRF
  • Why Spring Security enables CSRF by default

CORS

  • CORS
  • What is CORS
  • Why CORS exists
  • What is an origin
  • CORS Rule
  • Spring Boot CORS config
  • Common CORS mistakes
  • CORS vs CSRF

Full Stack POC

  • Full stack POC
  • Intro to Foodify App
  • UI Of Foodify App POC
  • Backend Of Foodify App POC
  • Auth0 configurations
  • Spring Security Implementation

Auth0

  • What is Auth0
  • Key Components of Auth0
  • What Happens During Login
  • Why Use Auth0
  • MFA
  • Social Login
  • Centralized Identity
  • Developer Productivity
  • When SHOULD you build yourself?

Roles & Permissions

  • What is Authentication vs Authorization?
  • What is OAuth2 / OIDC?
  • Architecture for End to end POC with Auth0
  • What is Application in Auth0?
  • What is API in Auth0?
  • What is Audience?
  • What are Roles?
  • What are Permissions?
  • Roles vs Permissions
  • RBAC
  • Why RBAC is Used
  • Why roles & permissions in JWT?

JWT Processing in Spring Security

  • What is JwtDecoder?
  • What is JwtAuthenticationConverter?
  • What is Authority in Spring?
  • ROLE_ prefix
  • Common Mistakes

Implementation Steps

  • Steps to Implement Spring Security
  • Steps to setup Auth0
  • Steps to add Roles in token
  • What happens in backend
  • FINAL FLOW (END-TO-END)
  • KEY CONCEPTS
  • COMMON MISTAKES

Keycloak

  • Keycloak
  • What is Keycloak?
  • High Level Architecture
  • Core Terminologies
  • Types of Clients
  • Role Types
  • Client Scope
  • Groups
  • Identity Provider (IDP)
  • Flows
  • Keycloak vs Auth0
  • Feature Comparison
  • Who should choose Keycloak vs Auth0

Social Login

  • Social Login
  • What is Social Login
  • How Social Login works
  • Benefits of Social Login
  • Configure Identity Providers in Keycloak
  • Google login Steps
  • GitHub social login steps

What you'll learn:

  • MASTER SPRING SECURITY 7 architecture including Authentication, Authorization, Security Filter Chain, and internal request flow
  • IMPLEMENT USER AUTHENTICATION using UserDetailsService, PasswordEncoder, and database-backed user management
  • UNDERSTAND ROLES vs AUTHORITIES and implement RBAC (Role-Based Access Control) & ABAC in real applications
  • APPLY ENDPOINT LEVEL SECURITY and METHOD LEVEL SECURITY using @PreAuthorize and @PostAuthorize
  • UNDERSTAND REQUEST MATCHERS including Ant, MVC, Regex, and modern Spring Security 6 approaches
  • MASTER OAUTH2 FUNDAMENTALS including actors, scopes, flows, and secure authorization architecture
  • IMPLEMENT AUTHORIZATION CODE FLOW and PKCE FLOW used by modern web and mobile applications
  • IMPLEMENT CLIENT CREDENTIALS FLOW for secure machine-to-machine communication
  • IMPLEMENT REFRESH TOKEN FLOW and understand token lifecycle and security best practices
  • MASTER JWT SECURITY including token structure, claims, signing, verification, and public/private key cryptography
  • IMPLEMENT JWT validation using JwtDecoder and JwtAuthenticationConverter in Spring Boot
  • UNDERSTAND OIDC (OpenID Connect) and how identity layer works on top of OAuth2
  • IMPLEMENT SSO (Single Sign-On) architecture using OAuth2 and OIDC
  • UNDERSTAND CSRF protection and why Spring Security enables CSRF by default
  • IMPLEMENT CORS configuration and understand cross-origin security behavior
  • IMPLEMENT AUTH0 including Applications, APIs, Audience, Roles, and Permissions mapping in JWT
  • IMPLEMENT KEYCLOAK including Realm, Clients, Roles, Groups, and identity provider configuration
  • IMPLEMENT SOCIAL LOGIN using Google and GitHub with OAuth2 / OIDC
  • IMPLEMENT RBAC IN MICROSERVICES using roles and permissions extracted from JWT tokens
  • UNDERSTAND JWT vs OPAQUE TOKENS and when each token strategy should be used
  • DESIGN END-TO-END SECURITY ARCHITECTURE used in real enterprise applications
  • BUILD FULL STACK APPLICATION using Angular + Spring Boot secured with Spring Security
  • BUILD FULL STACK AUTH0 POC implementing login, roles, permissions, and JWT-secured APIs
  • BUILD FULL STACK KEYCLOAK POC implementing realm, clients, roles, and secured microservices
  • IMPLEMENT COMPLETE AUTHENTICATION FLOW from frontend login to secured backend APIs
  • APPLY SECURITY BEST PRACTICES and avoid common mistakes in production systems
  • UNDERSTAND KEYCLOAK vs AUTH0 differences and when to choose each