Check out the free virtual workshops on how to take your SaaS app to the next level in the enterprise-ready identity journey!

What's New with OAuth and OpenID Connect?

What's New with OAuth and OpenID Connect?

In this video you’ll learn about the latest developments in the OAuth and OpenID Connect specs from Aaron Parecki, a regular contributor to the OAuth working group. The latest additions to the specs enable richer experiences and better security for applications using OAuth.

In this video:

  • 4:59 Mutual TLS
  • 6:43 Resource Indicators
  • 8:20 OAuth 2.0 Security Best Current Practice
  • 17:47 OAuth for Browser-Based Apps
  • 19:52 JWT Profile for Access Tokens
  • 20:39 Rich Authorization Requests (RAR)
  • 22:22 Pushed Authorization Requests (PAR)
  • 23:49 JWT Authorization Requests (JAR)
  • 25:34 OAuth 2.1
  • 29:12 OAuth 3 / TXAuth

Learn More About OAuth and OpenID Connect

Check out some of our other videos!

If you like this video and want to see more like it, follow @oktadev on Twitter, subscribe to our YouTube channel, or follow us on LinkedIn. As always, please leave a comment on the YouTube video if you have any questions.

Aaron Parecki is a Senior Security Architect at Okta. He is the author of OAuth 2.0 Simplified, and maintains He regularly writes and gives talks about OAuth and online security. He is an editor of several internet specs, and is the co-founder of IndieWebCamp, a conference focusing on data ownership and online identity. Aaron has spoken at conferences around the world about OAuth, data ownership, quantified self, and home automation, and his work has been featured in Wired, Fast Company and more.