Modern Security — session content

I recently delivered this session on identity, tokens and access management (permissions) at DEVintersection EU and TechDays Sweden 2015. This session was intended to provide a complete picture of the approach I frequently take when designing security implementations for modern applications today. Feel free to shoot questions as you wish. Twitter is a good place for that @michelebusta

For now I am posting the slides from TechDays here as they are my latest.

I have a rather “rich” code sample that I am cleaning up. It can work with Identity Server 3 or Auth0 to handle authentication and token flow. This provides the comparison of your own authorization server deployment (IDS3) or SaaS (Auth0) and also illustrates some differences in the token flow if you dig under the hood. I spoke to these things during the session.

I plan to add Azure Active Directory (AAD) support as well with the recently released B2C features…once I have a chance to prove my token flow patterns on this platform.

Originally published at michelebusta.com on October 24, 2015.