SlideShare a Scribd company logo

OAuth 2.0 refresher Talk

M
marcwan

AdWords API and using OAuth 2.0 — Client Login is going away.

TechnologyNews & Politics
1 of 42
Download to read offline
AdWords API Workshops – All rights reserved
OAuth 2.0 +Paul Matthews, Google, Inc. AdWords API Workshops – All rights reserved
Agenda 1. What is OAuth 2.0? 1 2 2. Preparation 3. Obtain an Access Token 3 4. Detail of OAuth 2.0 flows 5. Best practice AdWords API Workshops – All rights reserved 4 5
What is OAuth 2.0? AdWords API Workshops – All rights reserved
What is OAuth 2.0? ● Authorization for AdWords API ● Secure ● Simple ● Standard AdWords API Workshops – All rights reserved
The security of OAuth2 ● No Usernames or Passwords ● Only Tokens ● Specific Access Control ● Restrict Scope ● Easily revoke AdWords API Workshops – All rights reserved
The simplicity of OAuth2 Get Access Ask approval Interact with the AdWords API AdWords API Workshops – All rights reserved
The standard of OAuth2 ● Have you seen the dialog? ● User Consent ● Accept ● Cancel AdWords API Workshops – All rights reserved
The OAuth2 Flow Interact with the AdWords API Grant Access 1) Build URL 3) Exchange Code Your Application 2) Accept Consent The MCC User OAuth2 Servers The AdWords API Google Servers AdWords API Workshops – All rights reserved 4) Make Request 5) Refresh Access
Access comes with 2 Tokens ● access_token ● refresh_token ● For making requests ● Regenerates access_token ● Lifetime 00:60 ● Lifetime indefinite ● Store it! AdWords API Workshops – All rights reserved
Access comes with 2 Tokens ● access_token ● refresh_token ● For making requests ● Regenerates access_token ● Lifetime 00:60 ● Lifetime indefinite ● Store it! AdWords API Workshops – All rights reserved
Access comes with 2 Tokens ● access_token ● refresh_token ● For making requests ● Regenerates access_token ● Lifetime 00:60 ● Lifetime indefinite ● Store it! AdWords API Workshops – All rights reserved
Preparation AdWords API Workshops – All rights reserved
Register your application http://code.google.com/apis/console ● Get an application identifier ● client_id ● client_secret AdWords API Workshops – All rights reserved
Create a new project at Google API Console AdWords API Workshops – All rights reserved
Create an OAuth 2.0 client ID AdWords API Workshops – All rights reserved
Web server or installed application? Choose Installed application unless you have many client accounts that need authorization. Choose Web server application when using many separately authorized accounts. AdWords API Workshops – All rights reserved
Choose your application type Installed Application AdWords API Workshops – All rights reserved
Now, you have client_id and client_secret AdWords API Workshops – All rights reserved
Obtain Access access_token & refresh_token AdWords API Workshops – All rights reserved
Why an Access Token? Get Access & Refresh Tokens Ask approval AdWords API Workshops – All rights reserved
With or without Client Libraries ● With Client Libraries ● Without Client Libraries AdWords API Workshops – All rights reserved
Client Libraries can Help ● Check your library for details! ● Example: ● Run script ● Authorize application ● Add refresh_token to config AdWords API Workshops – All rights reserved
How to get an Access Token 1. Construct URL 2. Obtain Consent 3. Receive Authorization Code 4. Exchange Code for Token 5. Store credentials AdWords API Workshops – All rights reserved
1. Construct a URL https://accounts.google.com/o/oauth2/auth? access_type=offline& scope=https://adwords.google.com/api/adwords& redirect_uri=urn:ietf:wg:oauth:2.0:oob& response_type=code& client_id=xxxxxxx.apps.googleusercontent.com AdWords API Workshops – All rights reserved
2. Obtain Consent ● Send User ● Accept permissions AdWords API Workshops – All rights reserved
3. Receive Authorization Code > Enter authorization code here: 4/v6xr77ewYqhvHSyW6UJ1w7jKwAzu AdWords API Workshops – All rights reserved
4. Exchange Code for Token HTML POST /o/oauth2/token HTTP/1.1 Host: accounts.google.com Content-Type: application/x-www-form-urlencoded code=4/v6xr77ewYqhvHSyW6UJ1w7jKwAzu& client_id=xxxxxxx.apps.googleusercontent.com& client_secret={client_secret}& redirect_uri=& grant_type=authorization_code AdWords API Workshops – All rights reserved
5. Store credentials { "access_token" : "yaxx.xxxxxxxxxxxx", "token_type" : "Bearer", "expires_in" : 3600, "refresh_token" : "1/xxxxxxxxxxxxxxxxxxxg" } AdWords API Workshops – All rights reserved
Detail of OAuth 2.0 Flows AdWords API Workshops – All rights reserved
OAuth 2.0 Flows Google Supports Google supports common OAuth 2.0 scenarios ● Installed applications ● Web server applications ● Applications on limited-input devices AdWords API Workshops – All rights reserved
Differences Between Flows Registration to API Registration Use Console to API Authentication Console Code Client Secret Refresh Token Redirection Installed applications Required Yes Required Available URL, Text Web server applications Required Yes Required Available URL Applications on limited-input device Required - Required Available - AdWords API Workshops – All rights reserved
Offline or Online? Choose offline access when your applications works while a data owner is not in front of your application Offline access is good for typical AdWords API client which access Google Server to fetch user data and set value in background. AdWords API Workshops – All rights reserved
Best Practices AdWords API Workshops – All rights reserved
Best Practices ● Use offline as access type to get a refresh_token ● Store refresh_token to get a new access_token ● Use the MCC structure ● Authorize the top MCC AdWords API Workshops – All rights reserved
Storing & Sharing ● Storing Access Tokens ● Store the timestamp ● Sharing Access Tokens Between Threads AdWords API Workshops – All rights reserved
Useful information for Errors ● AuthenticationError.OAUTH_TOKEN_INVALID ○ On: Access Token expired ○ Resolution: get a new Access Token with Refresh token ● AuthenticationError.INVALID_GRANT_ERROR ○ On: Refresh Token revoked ○ Resolution: re-auth app with user consent AdWords API Workshops – All rights reserved
Appendix AdWords API Workshops – All rights reserved
Resources AdWords API Workshops – All rights reserved
Resources Docs Links: https://developers.google.com/accounts/docs/OAuth2 https://developers.google.com/accounts/docs/OAuth2WebServer https://developers.google.com/accounts/docs/OAuth2InstalledApp https://developers.google.com/adwords/api/docs/authentication#oauth https://code.google.com/apis/console
Questions? AdWords API Workshops – All rights reserved
AdWords API Workshops – All rights reserved

Recommended

Social Single Sign-On with OpenID Connect
Social Single Sign-On with OpenID ConnectSocial Single Sign-On with OpenID Connect
Social Single Sign-On with OpenID ConnectJames Melville
 
Using a Third Party Key Management System with WSO2 API Manager
Using a Third Party Key Management System with WSO2 API ManagerUsing a Third Party Key Management System with WSO2 API Manager
Using a Third Party Key Management System with WSO2 API ManagerWSO2
 
Workflows in WSO2 API Manager - WSO2 API Manager Community Call (12/15/2021)
Workflows in WSO2 API Manager - WSO2 API Manager Community Call (12/15/2021)Workflows in WSO2 API Manager - WSO2 API Manager Community Call (12/15/2021)
Workflows in WSO2 API Manager - WSO2 API Manager Community Call (12/15/2021)WSO2
 
I Love APIs 2015: Advanced Security Extensions in Apigee Edge - HMAC and http...
I Love APIs 2015: Advanced Security Extensions in Apigee Edge - HMAC and http...I Love APIs 2015: Advanced Security Extensions in Apigee Edge - HMAC and http...
I Love APIs 2015: Advanced Security Extensions in Apigee Edge - HMAC and http...Apigee | Google Cloud
 
I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop
I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop
I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop Apigee | Google Cloud
 
I Love APIs 2015: Crash Course Foundational Topics in Apigee Edge Workshop
I Love APIs 2015: Crash Course Foundational Topics in Apigee Edge WorkshopI Love APIs 2015: Crash Course Foundational Topics in Apigee Edge Workshop
I Love APIs 2015: Crash Course Foundational Topics in Apigee Edge WorkshopApigee | Google Cloud
 
Highlights of WSO2 API Manager 4.0.0
Highlights of WSO2 API Manager 4.0.0Highlights of WSO2 API Manager 4.0.0
Highlights of WSO2 API Manager 4.0.0WSO2
 
Developing SharePoint 2013 apps with Visual Studio 2012 - SharePoint Connecti...
Developing SharePoint 2013 apps with Visual Studio 2012 - SharePoint Connecti...Developing SharePoint 2013 apps with Visual Studio 2012 - SharePoint Connecti...
Developing SharePoint 2013 apps with Visual Studio 2012 - SharePoint Connecti...Bram de Jager
 

Recommended

Social Single Sign-On with OpenID Connect
Social Single Sign-On with OpenID ConnectSocial Single Sign-On with OpenID Connect
Social Single Sign-On with OpenID ConnectJames Melville
 
Using a Third Party Key Management System with WSO2 API Manager
Using a Third Party Key Management System with WSO2 API ManagerUsing a Third Party Key Management System with WSO2 API Manager
Using a Third Party Key Management System with WSO2 API ManagerWSO2
 
Workflows in WSO2 API Manager - WSO2 API Manager Community Call (12/15/2021)
Workflows in WSO2 API Manager - WSO2 API Manager Community Call (12/15/2021)Workflows in WSO2 API Manager - WSO2 API Manager Community Call (12/15/2021)
Workflows in WSO2 API Manager - WSO2 API Manager Community Call (12/15/2021)WSO2
 
I Love APIs 2015: Advanced Security Extensions in Apigee Edge - HMAC and http...
I Love APIs 2015: Advanced Security Extensions in Apigee Edge - HMAC and http...I Love APIs 2015: Advanced Security Extensions in Apigee Edge - HMAC and http...
I Love APIs 2015: Advanced Security Extensions in Apigee Edge - HMAC and http...Apigee | Google Cloud
 
I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop
I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop
I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop Apigee | Google Cloud
 
I Love APIs 2015: Crash Course Foundational Topics in Apigee Edge Workshop
I Love APIs 2015: Crash Course Foundational Topics in Apigee Edge WorkshopI Love APIs 2015: Crash Course Foundational Topics in Apigee Edge Workshop
I Love APIs 2015: Crash Course Foundational Topics in Apigee Edge WorkshopApigee | Google Cloud
 
Highlights of WSO2 API Manager 4.0.0
Highlights of WSO2 API Manager 4.0.0Highlights of WSO2 API Manager 4.0.0
Highlights of WSO2 API Manager 4.0.0WSO2
 
Developing SharePoint 2013 apps with Visual Studio 2012 - SharePoint Connecti...
Developing SharePoint 2013 apps with Visual Studio 2012 - SharePoint Connecti...Developing SharePoint 2013 apps with Visual Studio 2012 - SharePoint Connecti...
Developing SharePoint 2013 apps with Visual Studio 2012 - SharePoint Connecti...Bram de Jager
 
API Services: Harness the Power of Enterprise Infrastructure
API Services: Harness the Power of Enterprise InfrastructureAPI Services: Harness the Power of Enterprise Infrastructure
API Services: Harness the Power of Enterprise InfrastructureApigee | Google Cloud
 
API Security Best Practices and Guidelines
API Security Best Practices and GuidelinesAPI Security Best Practices and Guidelines
API Security Best Practices and GuidelinesWSO2
 
WSO2 API Manager - Product Overview
WSO2 API Manager - Product OverviewWSO2 API Manager - Product Overview
WSO2 API Manager - Product OverviewWSO2
 
Scalable Deployment Patterns in WSO2 API Manager
Scalable Deployment Patterns in WSO2 API Manager Scalable Deployment Patterns in WSO2 API Manager
Scalable Deployment Patterns in WSO2 API Manager WSO2
 
API Management Within a Microservices Architecture
API Management Within a Microservices Architecture API Management Within a Microservices Architecture
API Management Within a Microservices Architecture Nadeesha Gamage
 
WSO2 Cloud Platform: Vision and Roadmap
WSO2 Cloud Platform: Vision and RoadmapWSO2 Cloud Platform: Vision and Roadmap
WSO2 Cloud Platform: Vision and RoadmapWSO2
 
Live search presentation
Live search presentationLive search presentation
Live search presentationStanislavIdolov
 
O365Con18 - External Collaboration with Azure B2B - Sjoukje Zaal
O365Con18 - External Collaboration with Azure B2B - Sjoukje ZaalO365Con18 - External Collaboration with Azure B2B - Sjoukje Zaal
O365Con18 - External Collaboration with Azure B2B - Sjoukje ZaalNCCOMMS
 
Getting Started with the WSO2 API Manager
Getting Started with the WSO2 API ManagerGetting Started with the WSO2 API Manager
Getting Started with the WSO2 API ManagerWSO2
 
Let’s Talk About the Ipro Platform
Let’s Talk About the Ipro PlatformLet’s Talk About the Ipro Platform
Let’s Talk About the Ipro PlatformIpro Tech
 
Scalable deployment options in WSO2 API Manager
Scalable deployment options in WSO2 API ManagerScalable deployment options in WSO2 API Manager
Scalable deployment options in WSO2 API ManagerWSO2
 
API Security Lifecycle
API Security LifecycleAPI Security Lifecycle
API Security LifecycleApigee | Google Cloud
 
Api days 2018 - API Security by Sqreen
Api days 2018 - API Security by SqreenApi days 2018 - API Security by Sqreen
Api days 2018 - API Security by SqreenSqreen
 
[Webinar] WSO2 API Microgateway with Okta as Key Manager
[Webinar] WSO2 API Microgateway with Okta as Key Manager[Webinar] WSO2 API Microgateway with Okta as Key Manager
[Webinar] WSO2 API Microgateway with Okta as Key ManagerWSO2
 
Mastering Office 365 Development
Mastering Office 365 DevelopmentMastering Office 365 Development
Mastering Office 365 Developmentatwork
 
MS_Learning_Transcript (6).PDF
MS_Learning_Transcript (6).PDFMS_Learning_Transcript (6).PDF
MS_Learning_Transcript (6).PDFBilal Ahmed
 
Customizing workflows in WSO2 API Manager
Customizing workflows in WSO2 API ManagerCustomizing workflows in WSO2 API Manager
Customizing workflows in WSO2 API ManagerWSO2
 
Modernizing an Existing SOA-based Architecture with APIs
Modernizing an Existing SOA-based Architecture with APIsModernizing an Existing SOA-based Architecture with APIs
Modernizing an Existing SOA-based Architecture with APIsApigee | Google Cloud
 
Introduction to sitecore identity
Introduction to sitecore identityIntroduction to sitecore identity
Introduction to sitecore identityGopikrishna Gujjula
 
An Introduction to the WSO2 API Manager
An Introduction to the WSO2 API Manager An Introduction to the WSO2 API Manager
An Introduction to the WSO2 API Manager WSO2
 
AdWords Scripts (Spanish)
AdWords Scripts (Spanish)AdWords Scripts (Spanish)
AdWords Scripts (Spanish)marcwan
 
Amazon Aurora: The New Relational Database Engine from Amazon
Amazon Aurora: The New Relational Database Engine from AmazonAmazon Aurora: The New Relational Database Engine from Amazon
Amazon Aurora: The New Relational Database Engine from AmazonAmazon Web Services
 

More Related Content

What's hot

API Services: Harness the Power of Enterprise Infrastructure
API Services: Harness the Power of Enterprise InfrastructureAPI Services: Harness the Power of Enterprise Infrastructure
API Services: Harness the Power of Enterprise InfrastructureApigee | Google Cloud
 
API Security Best Practices and Guidelines
API Security Best Practices and GuidelinesAPI Security Best Practices and Guidelines
API Security Best Practices and GuidelinesWSO2
 
WSO2 API Manager - Product Overview
WSO2 API Manager - Product OverviewWSO2 API Manager - Product Overview
WSO2 API Manager - Product OverviewWSO2
 
Scalable Deployment Patterns in WSO2 API Manager
Scalable Deployment Patterns in WSO2 API Manager Scalable Deployment Patterns in WSO2 API Manager
Scalable Deployment Patterns in WSO2 API Manager WSO2
 
API Management Within a Microservices Architecture
API Management Within a Microservices Architecture API Management Within a Microservices Architecture
API Management Within a Microservices Architecture Nadeesha Gamage
 
WSO2 Cloud Platform: Vision and Roadmap
WSO2 Cloud Platform: Vision and RoadmapWSO2 Cloud Platform: Vision and Roadmap
WSO2 Cloud Platform: Vision and RoadmapWSO2
 
Live search presentation
Live search presentationLive search presentation
Live search presentationStanislavIdolov
 
O365Con18 - External Collaboration with Azure B2B - Sjoukje Zaal
O365Con18 - External Collaboration with Azure B2B - Sjoukje ZaalO365Con18 - External Collaboration with Azure B2B - Sjoukje Zaal
O365Con18 - External Collaboration with Azure B2B - Sjoukje ZaalNCCOMMS
 
Getting Started with the WSO2 API Manager
Getting Started with the WSO2 API ManagerGetting Started with the WSO2 API Manager
Getting Started with the WSO2 API ManagerWSO2
 
Let’s Talk About the Ipro Platform
Let’s Talk About the Ipro PlatformLet’s Talk About the Ipro Platform
Let’s Talk About the Ipro PlatformIpro Tech
 
Scalable deployment options in WSO2 API Manager
Scalable deployment options in WSO2 API ManagerScalable deployment options in WSO2 API Manager
Scalable deployment options in WSO2 API ManagerWSO2
 
Api days 2018 - API Security by Sqreen
Api days 2018 - API Security by SqreenApi days 2018 - API Security by Sqreen
Api days 2018 - API Security by SqreenSqreen
 
[Webinar] WSO2 API Microgateway with Okta as Key Manager
[Webinar] WSO2 API Microgateway with Okta as Key Manager[Webinar] WSO2 API Microgateway with Okta as Key Manager
[Webinar] WSO2 API Microgateway with Okta as Key ManagerWSO2
 
Mastering Office 365 Development
Mastering Office 365 DevelopmentMastering Office 365 Development
Mastering Office 365 Developmentatwork
 
MS_Learning_Transcript (6).PDF
MS_Learning_Transcript (6).PDFMS_Learning_Transcript (6).PDF
MS_Learning_Transcript (6).PDFBilal Ahmed
 
Customizing workflows in WSO2 API Manager
Customizing workflows in WSO2 API ManagerCustomizing workflows in WSO2 API Manager
Customizing workflows in WSO2 API ManagerWSO2
 
Modernizing an Existing SOA-based Architecture with APIs
Modernizing an Existing SOA-based Architecture with APIsModernizing an Existing SOA-based Architecture with APIs
Modernizing an Existing SOA-based Architecture with APIsApigee | Google Cloud
 
Introduction to sitecore identity
Introduction to sitecore identityIntroduction to sitecore identity
Introduction to sitecore identityGopikrishna Gujjula
 
An Introduction to the WSO2 API Manager
An Introduction to the WSO2 API Manager An Introduction to the WSO2 API Manager
An Introduction to the WSO2 API Manager WSO2
 

What's hot (20)

API Services: Harness the Power of Enterprise Infrastructure
API Services: Harness the Power of Enterprise InfrastructureAPI Services: Harness the Power of Enterprise Infrastructure
API Services: Harness the Power of Enterprise Infrastructure
 
API Security Best Practices and Guidelines
API Security Best Practices and GuidelinesAPI Security Best Practices and Guidelines
API Security Best Practices and Guidelines
 
WSO2 API Manager - Product Overview
WSO2 API Manager - Product OverviewWSO2 API Manager - Product Overview
WSO2 API Manager - Product Overview
 
Scalable Deployment Patterns in WSO2 API Manager
Scalable Deployment Patterns in WSO2 API Manager Scalable Deployment Patterns in WSO2 API Manager
Scalable Deployment Patterns in WSO2 API Manager
 
API Management Within a Microservices Architecture
API Management Within a Microservices Architecture API Management Within a Microservices Architecture
API Management Within a Microservices Architecture
 
WSO2 Cloud Platform: Vision and Roadmap
WSO2 Cloud Platform: Vision and RoadmapWSO2 Cloud Platform: Vision and Roadmap
WSO2 Cloud Platform: Vision and Roadmap
 
Live search presentation
Live search presentationLive search presentation
Live search presentation
 
O365Con18 - External Collaboration with Azure B2B - Sjoukje Zaal
O365Con18 - External Collaboration with Azure B2B - Sjoukje ZaalO365Con18 - External Collaboration with Azure B2B - Sjoukje Zaal
O365Con18 - External Collaboration with Azure B2B - Sjoukje Zaal
 
Getting Started with the WSO2 API Manager
Getting Started with the WSO2 API ManagerGetting Started with the WSO2 API Manager
Getting Started with the WSO2 API Manager
 
Let’s Talk About the Ipro Platform
Let’s Talk About the Ipro PlatformLet’s Talk About the Ipro Platform
Let’s Talk About the Ipro Platform
 
Scalable deployment options in WSO2 API Manager
Scalable deployment options in WSO2 API ManagerScalable deployment options in WSO2 API Manager
Scalable deployment options in WSO2 API Manager
 
API Security Lifecycle
API Security LifecycleAPI Security Lifecycle
API Security Lifecycle
 
Api days 2018 - API Security by Sqreen
Api days 2018 - API Security by SqreenApi days 2018 - API Security by Sqreen
Api days 2018 - API Security by Sqreen
 
[Webinar] WSO2 API Microgateway with Okta as Key Manager
[Webinar] WSO2 API Microgateway with Okta as Key Manager[Webinar] WSO2 API Microgateway with Okta as Key Manager
[Webinar] WSO2 API Microgateway with Okta as Key Manager
 
Mastering Office 365 Development
Mastering Office 365 DevelopmentMastering Office 365 Development
Mastering Office 365 Development
 
MS_Learning_Transcript (6).PDF
MS_Learning_Transcript (6).PDFMS_Learning_Transcript (6).PDF
MS_Learning_Transcript (6).PDF
 
Customizing workflows in WSO2 API Manager
Customizing workflows in WSO2 API ManagerCustomizing workflows in WSO2 API Manager
Customizing workflows in WSO2 API Manager
 
Modernizing an Existing SOA-based Architecture with APIs
Modernizing an Existing SOA-based Architecture with APIsModernizing an Existing SOA-based Architecture with APIs
Modernizing an Existing SOA-based Architecture with APIs
 
Introduction to sitecore identity
Introduction to sitecore identityIntroduction to sitecore identity
Introduction to sitecore identity
 
An Introduction to the WSO2 API Manager
An Introduction to the WSO2 API Manager An Introduction to the WSO2 API Manager
An Introduction to the WSO2 API Manager
 

Viewers also liked

AdWords Scripts (Spanish)
AdWords Scripts (Spanish)AdWords Scripts (Spanish)
AdWords Scripts (Spanish)marcwan
 
Amazon Aurora: The New Relational Database Engine from Amazon
Amazon Aurora: The New Relational Database Engine from AmazonAmazon Aurora: The New Relational Database Engine from Amazon
Amazon Aurora: The New Relational Database Engine from AmazonAmazon Web Services
 
Self Service Agile Infrastructure for Product Teams - Pop-up Loft Tel Aviv
Self Service Agile Infrastructure for Product Teams - Pop-up Loft Tel AvivSelf Service Agile Infrastructure for Product Teams - Pop-up Loft Tel Aviv
Self Service Agile Infrastructure for Product Teams - Pop-up Loft Tel AvivAmazon Web Services
 
Deep Dive: Amazon Elastic MapReduce
Deep Dive: Amazon Elastic MapReduceDeep Dive: Amazon Elastic MapReduce
Deep Dive: Amazon Elastic MapReduceAmazon Web Services
 
Beyond Shuffling - Effective Tips and Tricks for Scaling Spark (Vancouver Sp...
Beyond Shuffling - Effective Tips and Tricks for Scaling Spark (Vancouver Sp...Beyond Shuffling - Effective Tips and Tricks for Scaling Spark (Vancouver Sp...
Beyond Shuffling - Effective Tips and Tricks for Scaling Spark (Vancouver Sp...Holden Karau
 
Architecting for Greater Security on AWS
Architecting for Greater Security on AWSArchitecting for Greater Security on AWS
Architecting for Greater Security on AWSAmazon Web Services
 
Reporting tips & tricks
Reporting tips & tricksReporting tips & tricks
Reporting tips & tricksmarcwan
 
Py.test
Py.testPy.test
Py.testsoasme
 
Masterless Puppet Using AWS S3 Buckets and IAM Roles
Masterless Puppet Using AWS S3 Buckets and IAM RolesMasterless Puppet Using AWS S3 Buckets and IAM Roles
Masterless Puppet Using AWS S3 Buckets and IAM RolesMalcolm Duncanson, CISSP
 
(CMP407) Lambda as Cron: Scheduling Invocations in AWS Lambda
(CMP407) Lambda as Cron: Scheduling Invocations in AWS Lambda(CMP407) Lambda as Cron: Scheduling Invocations in AWS Lambda
(CMP407) Lambda as Cron: Scheduling Invocations in AWS LambdaAmazon Web Services
 
AdWords API Feed Services
AdWords API Feed ServicesAdWords API Feed Services
AdWords API Feed Servicesmarcwan
 
Deep Dive - Amazon Elastic MapReduce (EMR)
Deep Dive - Amazon Elastic MapReduce (EMR)Deep Dive - Amazon Elastic MapReduce (EMR)
Deep Dive - Amazon Elastic MapReduce (EMR)Amazon Web Services
 
Building the enterprise data architecture
Building the enterprise data architectureBuilding the enterprise data architecture
Building the enterprise data architectureCosta Pissaris
 
Enterprise Master Data Architecture
Enterprise Master Data ArchitectureEnterprise Master Data Architecture
Enterprise Master Data ArchitectureBoris Otto
 
Spark Summit EU 2015: Combining the Strengths of MLlib, scikit-learn, and R
Spark Summit EU 2015: Combining the Strengths of MLlib, scikit-learn, and RSpark Summit EU 2015: Combining the Strengths of MLlib, scikit-learn, and R
Spark Summit EU 2015: Combining the Strengths of MLlib, scikit-learn, and RDatabricks
 
Understanding Memory Management In Spark For Fun And Profit
Understanding Memory Management In Spark For Fun And ProfitUnderstanding Memory Management In Spark For Fun And Profit
Understanding Memory Management In Spark For Fun And ProfitSpark Summit
 
Spark DataFrames: Simple and Fast Analytics on Structured Data at Spark Summi...
Spark DataFrames: Simple and Fast Analytics on Structured Data at Spark Summi...Spark DataFrames: Simple and Fast Analytics on Structured Data at Spark Summi...
Spark DataFrames: Simple and Fast Analytics on Structured Data at Spark Summi...Databricks
 
(SEC302) IAM Best Practices To Live By
(SEC302) IAM Best Practices To Live By(SEC302) IAM Best Practices To Live By
(SEC302) IAM Best Practices To Live ByAmazon Web Services
 
Spark Summit EU 2015: Spark DataFrames: Simple and Fast Analysis of Structure...
Spark Summit EU 2015: Spark DataFrames: Simple and Fast Analysis of Structure...Spark Summit EU 2015: Spark DataFrames: Simple and Fast Analysis of Structure...
Spark Summit EU 2015: Spark DataFrames: Simple and Fast Analysis of Structure...Databricks
 

Viewers also liked (20)

AdWords Scripts (Spanish)
AdWords Scripts (Spanish)AdWords Scripts (Spanish)
AdWords Scripts (Spanish)
 
Amazon Aurora: The New Relational Database Engine from Amazon
Amazon Aurora: The New Relational Database Engine from AmazonAmazon Aurora: The New Relational Database Engine from Amazon
Amazon Aurora: The New Relational Database Engine from Amazon
 
Self Service Agile Infrastructure for Product Teams - Pop-up Loft Tel Aviv
Self Service Agile Infrastructure for Product Teams - Pop-up Loft Tel AvivSelf Service Agile Infrastructure for Product Teams - Pop-up Loft Tel Aviv
Self Service Agile Infrastructure for Product Teams - Pop-up Loft Tel Aviv
 
Deep Dive: Amazon Elastic MapReduce
Deep Dive: Amazon Elastic MapReduceDeep Dive: Amazon Elastic MapReduce
Deep Dive: Amazon Elastic MapReduce
 
Beyond Shuffling - Effective Tips and Tricks for Scaling Spark (Vancouver Sp...
Beyond Shuffling - Effective Tips and Tricks for Scaling Spark (Vancouver Sp...Beyond Shuffling - Effective Tips and Tricks for Scaling Spark (Vancouver Sp...
Beyond Shuffling - Effective Tips and Tricks for Scaling Spark (Vancouver Sp...
 
Architecting for Greater Security on AWS
Architecting for Greater Security on AWSArchitecting for Greater Security on AWS
Architecting for Greater Security on AWS
 
Reporting tips & tricks
Reporting tips & tricksReporting tips & tricks
Reporting tips & tricks
 
Py.test
Py.testPy.test
Py.test
 
Survival Analysis of Web Users
Survival Analysis of Web UsersSurvival Analysis of Web Users
Survival Analysis of Web Users
 
Masterless Puppet Using AWS S3 Buckets and IAM Roles
Masterless Puppet Using AWS S3 Buckets and IAM RolesMasterless Puppet Using AWS S3 Buckets and IAM Roles
Masterless Puppet Using AWS S3 Buckets and IAM Roles
 
(CMP407) Lambda as Cron: Scheduling Invocations in AWS Lambda
(CMP407) Lambda as Cron: Scheduling Invocations in AWS Lambda(CMP407) Lambda as Cron: Scheduling Invocations in AWS Lambda
(CMP407) Lambda as Cron: Scheduling Invocations in AWS Lambda
 
AdWords API Feed Services
AdWords API Feed ServicesAdWords API Feed Services
AdWords API Feed Services
 
Deep Dive - Amazon Elastic MapReduce (EMR)
Deep Dive - Amazon Elastic MapReduce (EMR)Deep Dive - Amazon Elastic MapReduce (EMR)
Deep Dive - Amazon Elastic MapReduce (EMR)
 
Building the enterprise data architecture
Building the enterprise data architectureBuilding the enterprise data architecture
Building the enterprise data architecture
 
Enterprise Master Data Architecture
Enterprise Master Data ArchitectureEnterprise Master Data Architecture
Enterprise Master Data Architecture
 
Spark Summit EU 2015: Combining the Strengths of MLlib, scikit-learn, and R
Spark Summit EU 2015: Combining the Strengths of MLlib, scikit-learn, and RSpark Summit EU 2015: Combining the Strengths of MLlib, scikit-learn, and R
Spark Summit EU 2015: Combining the Strengths of MLlib, scikit-learn, and R
 
Understanding Memory Management In Spark For Fun And Profit
Understanding Memory Management In Spark For Fun And ProfitUnderstanding Memory Management In Spark For Fun And Profit
Understanding Memory Management In Spark For Fun And Profit
 
Spark DataFrames: Simple and Fast Analytics on Structured Data at Spark Summi...
Spark DataFrames: Simple and Fast Analytics on Structured Data at Spark Summi...Spark DataFrames: Simple and Fast Analytics on Structured Data at Spark Summi...
Spark DataFrames: Simple and Fast Analytics on Structured Data at Spark Summi...
 
(SEC302) IAM Best Practices To Live By
(SEC302) IAM Best Practices To Live By(SEC302) IAM Best Practices To Live By
(SEC302) IAM Best Practices To Live By
 
Spark Summit EU 2015: Spark DataFrames: Simple and Fast Analysis of Structure...
Spark Summit EU 2015: Spark DataFrames: Simple and Fast Analysis of Structure...Spark Summit EU 2015: Spark DataFrames: Simple and Fast Analysis of Structure...
Spark Summit EU 2015: Spark DataFrames: Simple and Fast Analysis of Structure...
 

Similar to OAuth 2.0 refresher Talk

Application Security in ASP.NET Core
Application Security in ASP.NET CoreApplication Security in ASP.NET Core
Application Security in ASP.NET CoreNETUserGroupBern
 
OAuth 2.0
OAuth 2.0 OAuth 2.0
OAuth 2.0 marcwan
 
Developing Apps with Azure AD
Developing Apps with Azure ADDeveloping Apps with Azure AD
Developing Apps with Azure ADSharePointRadi
 
O365 saturday: How to (remote) control office 365 with windows azure-slideshare
O365 saturday: How to (remote) control office 365 with windows azure-slideshareO365 saturday: How to (remote) control office 365 with windows azure-slideshare
O365 saturday: How to (remote) control office 365 with windows azure-slideshareatwork
 
Accessing APIs using OAuth on the federated (WordPress) web
Accessing APIs using OAuth on the federated (WordPress) webAccessing APIs using OAuth on the federated (WordPress) web
Accessing APIs using OAuth on the federated (WordPress) webFelix Arntz
 
API Services: Building State-of-the-Art APIs
API Services: Building State-of-the-Art APIsAPI Services: Building State-of-the-Art APIs
API Services: Building State-of-the-Art APIsApigee | Google Cloud
 
How to Build, Manage, and Promote APIs
How to Build, Manage, and Promote APIsHow to Build, Manage, and Promote APIs
How to Build, Manage, and Promote APIsWSO2
 
WSO2 Workshop Sydney 2016 - APIs
WSO2 Workshop Sydney 2016 - APIsWSO2 Workshop Sydney 2016 - APIs
WSO2 Workshop Sydney 2016 - APIsDassana Wijesekara
 
WSO2Con EU 2015: Securing, Monitoring and Monetizing APIs
WSO2Con EU 2015: Securing, Monitoring and Monetizing APIsWSO2Con EU 2015: Securing, Monitoring and Monetizing APIs
WSO2Con EU 2015: Securing, Monitoring and Monetizing APIsWSO2
 
Securing .NET Core, ASP.NET Core applications
Securing .NET Core, ASP.NET Core applicationsSecuring .NET Core, ASP.NET Core applications
Securing .NET Core, ASP.NET Core applicationsNETUserGroupBern
 
Exploring Google APIs 102: Cloud vs. non-GCP Google APIs
Exploring Google APIs 102: Cloud vs. non-GCP Google APIsExploring Google APIs 102: Cloud vs. non-GCP Google APIs
Exploring Google APIs 102: Cloud vs. non-GCP Google APIswesley chun
 
Azure Spring Clean 2024 event - Azure API Management: Architecting for Perfor...
Azure Spring Clean 2024 event - Azure API Management: Architecting for Perfor...Azure Spring Clean 2024 event - Azure API Management: Architecting for Perfor...
Azure Spring Clean 2024 event - Azure API Management: Architecting for Perfor...Hamida Rebai Trabelsi
 
APIdays Paris 2014 - Workshop - Craft and Deploy Your API in a Few Clicks Wit...
APIdays Paris 2014 - Workshop - Craft and Deploy Your API in a Few Clicks Wit...APIdays Paris 2014 - Workshop - Craft and Deploy Your API in a Few Clicks Wit...
APIdays Paris 2014 - Workshop - Craft and Deploy Your API in a Few Clicks Wit...Restlet
 
AdWords Scripts
AdWords ScriptsAdWords Scripts
AdWords Scriptsmarcwan
 
TechNet Conference 2013 Berlin-Wie Sie Office 365 mit Windows Azure steuern b...
TechNet Conference 2013 Berlin-Wie Sie Office 365 mit Windows Azure steuern b...TechNet Conference 2013 Berlin-Wie Sie Office 365 mit Windows Azure steuern b...
TechNet Conference 2013 Berlin-Wie Sie Office 365 mit Windows Azure steuern b...atwork
 
AwReporting Tool
AwReporting ToolAwReporting Tool
AwReporting Toolmarcwan
 
AdWords API and OAuth 2.0
AdWords API and OAuth 2.0AdWords API and OAuth 2.0
AdWords API and OAuth 2.0marcwan
 
New ThousandEyes Product Features and Release Highlights: March 2024
New ThousandEyes Product Features and Release Highlights: March 2024New ThousandEyes Product Features and Release Highlights: March 2024
New ThousandEyes Product Features and Release Highlights: March 2024ThousandEyes
 

Similar to OAuth 2.0 refresher Talk (20)

Application Security in ASP.NET Core
Application Security in ASP.NET CoreApplication Security in ASP.NET Core
Application Security in ASP.NET Core
 
OAuth 2.0
OAuth 2.0 OAuth 2.0
OAuth 2.0
 
Developing Apps with Azure AD
Developing Apps with Azure ADDeveloping Apps with Azure AD
Developing Apps with Azure AD
 
O365 saturday: How to (remote) control office 365 with windows azure-slideshare
O365 saturday: How to (remote) control office 365 with windows azure-slideshareO365 saturday: How to (remote) control office 365 with windows azure-slideshare
O365 saturday: How to (remote) control office 365 with windows azure-slideshare
 
Accessing APIs using OAuth on the federated (WordPress) web
Accessing APIs using OAuth on the federated (WordPress) webAccessing APIs using OAuth on the federated (WordPress) web
Accessing APIs using OAuth on the federated (WordPress) web
 
API Services: Building State-of-the-Art APIs
API Services: Building State-of-the-Art APIsAPI Services: Building State-of-the-Art APIs
API Services: Building State-of-the-Art APIs
 
How to Build, Manage, and Promote APIs
How to Build, Manage, and Promote APIsHow to Build, Manage, and Promote APIs
How to Build, Manage, and Promote APIs
 
WSO2 Workshop Sydney 2016 - APIs
WSO2 Workshop Sydney 2016 - APIsWSO2 Workshop Sydney 2016 - APIs
WSO2 Workshop Sydney 2016 - APIs
 
WSO2Con EU 2015: Securing, Monitoring and Monetizing APIs
WSO2Con EU 2015: Securing, Monitoring and Monetizing APIsWSO2Con EU 2015: Securing, Monitoring and Monetizing APIs
WSO2Con EU 2015: Securing, Monitoring and Monetizing APIs
 
Securing .NET Core, ASP.NET Core applications
Securing .NET Core, ASP.NET Core applicationsSecuring .NET Core, ASP.NET Core applications
Securing .NET Core, ASP.NET Core applications
 
Exploring Google APIs 102: Cloud vs. non-GCP Google APIs
Exploring Google APIs 102: Cloud vs. non-GCP Google APIsExploring Google APIs 102: Cloud vs. non-GCP Google APIs
Exploring Google APIs 102: Cloud vs. non-GCP Google APIs
 
Azure Spring Clean 2024 event - Azure API Management: Architecting for Perfor...
Azure Spring Clean 2024 event - Azure API Management: Architecting for Perfor...Azure Spring Clean 2024 event - Azure API Management: Architecting for Perfor...
Azure Spring Clean 2024 event - Azure API Management: Architecting for Perfor...
 
APIdays Paris 2014 - Workshop - Craft and Deploy Your API in a Few Clicks Wit...
APIdays Paris 2014 - Workshop - Craft and Deploy Your API in a Few Clicks Wit...APIdays Paris 2014 - Workshop - Craft and Deploy Your API in a Few Clicks Wit...
APIdays Paris 2014 - Workshop - Craft and Deploy Your API in a Few Clicks Wit...
 
AdWords Scripts
AdWords ScriptsAdWords Scripts
AdWords Scripts
 
TechNet Conference 2013 Berlin-Wie Sie Office 365 mit Windows Azure steuern b...
TechNet Conference 2013 Berlin-Wie Sie Office 365 mit Windows Azure steuern b...TechNet Conference 2013 Berlin-Wie Sie Office 365 mit Windows Azure steuern b...
TechNet Conference 2013 Berlin-Wie Sie Office 365 mit Windows Azure steuern b...
 
AwReporting Tool
AwReporting ToolAwReporting Tool
AwReporting Tool
 
Intro to web api with dynamics 365
Intro to web api with dynamics 365Intro to web api with dynamics 365
Intro to web api with dynamics 365
 
AdWords API and OAuth 2.0
AdWords API and OAuth 2.0AdWords API and OAuth 2.0
AdWords API and OAuth 2.0
 
API Security with OAuth2.0.
API Security with OAuth2.0.API Security with OAuth2.0.
API Security with OAuth2.0.
 
New ThousandEyes Product Features and Release Highlights: March 2024
New ThousandEyes Product Features and Release Highlights: March 2024New ThousandEyes Product Features and Release Highlights: March 2024
New ThousandEyes Product Features and Release Highlights: March 2024
 

More from marcwan

Mcc scripts deck (日本語)
Mcc scripts deck (日本語)Mcc scripts deck (日本語)
Mcc scripts deck (日本語)marcwan
 
Getting started with Google Analytics and the AdWords API
Getting started with Google Analytics and the AdWords APIGetting started with Google Analytics and the AdWords API
Getting started with Google Analytics and the AdWords APImarcwan
 
Bid Estimation with the AdWords API (v2)
Bid Estimation with the AdWords API (v2)Bid Estimation with the AdWords API (v2)
Bid Estimation with the AdWords API (v2)marcwan
 
Opportunity Analysis with Kratu (v2)
Opportunity Analysis with Kratu (v2)Opportunity Analysis with Kratu (v2)
Opportunity Analysis with Kratu (v2)marcwan
 
Opportunity Analysis with Kratu
Opportunity Analysis with KratuOpportunity Analysis with Kratu
Opportunity Analysis with Kratumarcwan
 
07. feeds update
07. feeds update07. feeds update
07. feeds updatemarcwan
 
AdWords API & OAuth 2.0, Advanced
AdWords API & OAuth 2.0, Advanced AdWords API & OAuth 2.0, Advanced
AdWords API & OAuth 2.0, Advanced marcwan
 
AdWords Scripts and MCC Scripting
AdWords Scripts and MCC ScriptingAdWords Scripts and MCC Scripting
AdWords Scripts and MCC Scriptingmarcwan
 
AwReporting Update
AwReporting UpdateAwReporting Update
AwReporting Updatemarcwan
 
Getting Started with AdWords API and Google Analytics
Getting Started with AdWords API and Google AnalyticsGetting Started with AdWords API and Google Analytics
Getting Started with AdWords API and Google Analyticsmarcwan
 
Shopping Campaigns and AdWords API
Shopping Campaigns and AdWords APIShopping Campaigns and AdWords API
Shopping Campaigns and AdWords APImarcwan
 
API Updates for v201402
API Updates for v201402API Updates for v201402
API Updates for v201402marcwan
 
AdWords API Targeting Options
AdWords API Targeting OptionsAdWords API Targeting Options
AdWords API Targeting Optionsmarcwan
 
Reporting Tips and Tricks (Spanish)
Reporting Tips and Tricks (Spanish)Reporting Tips and Tricks (Spanish)
Reporting Tips and Tricks (Spanish)marcwan
 
Rate limits and performance (Spanish)
Rate limits and performance (Spanish)Rate limits and performance (Spanish)
Rate limits and performance (Spanish)marcwan
 
OAuth 2.0 (Spanish)
OAuth 2.0 (Spanish)OAuth 2.0 (Spanish)
OAuth 2.0 (Spanish)marcwan
 
End to-end how to build a platform (Spanish)
End to-end how to build a platform (Spanish)End to-end how to build a platform (Spanish)
End to-end how to build a platform (Spanish)marcwan
 
AwReporting tool introduction (Spanish)
AwReporting tool introduction (Spanish)AwReporting tool introduction (Spanish)
AwReporting tool introduction (Spanish)marcwan
 
Api update rundown (Spanish)
Api update rundown (Spanish)Api update rundown (Spanish)
Api update rundown (Spanish)marcwan
 
Mobile landing pages (Spanish)
Mobile landing pages (Spanish)Mobile landing pages (Spanish)
Mobile landing pages (Spanish)marcwan
 

More from marcwan (20)

Mcc scripts deck (日本語)
Mcc scripts deck (日本語)Mcc scripts deck (日本語)
Mcc scripts deck (日本語)
 
Getting started with Google Analytics and the AdWords API
Getting started with Google Analytics and the AdWords APIGetting started with Google Analytics and the AdWords API
Getting started with Google Analytics and the AdWords API
 
Bid Estimation with the AdWords API (v2)
Bid Estimation with the AdWords API (v2)Bid Estimation with the AdWords API (v2)
Bid Estimation with the AdWords API (v2)
 
Opportunity Analysis with Kratu (v2)
Opportunity Analysis with Kratu (v2)Opportunity Analysis with Kratu (v2)
Opportunity Analysis with Kratu (v2)
 
Opportunity Analysis with Kratu
Opportunity Analysis with KratuOpportunity Analysis with Kratu
Opportunity Analysis with Kratu
 
07. feeds update
07. feeds update07. feeds update
07. feeds update
 
AdWords API & OAuth 2.0, Advanced
AdWords API & OAuth 2.0, Advanced AdWords API & OAuth 2.0, Advanced
AdWords API & OAuth 2.0, Advanced
 
AdWords Scripts and MCC Scripting
AdWords Scripts and MCC ScriptingAdWords Scripts and MCC Scripting
AdWords Scripts and MCC Scripting
 
AwReporting Update
AwReporting UpdateAwReporting Update
AwReporting Update
 
Getting Started with AdWords API and Google Analytics
Getting Started with AdWords API and Google AnalyticsGetting Started with AdWords API and Google Analytics
Getting Started with AdWords API and Google Analytics
 
Shopping Campaigns and AdWords API
Shopping Campaigns and AdWords APIShopping Campaigns and AdWords API
Shopping Campaigns and AdWords API
 
API Updates for v201402
API Updates for v201402API Updates for v201402
API Updates for v201402
 
AdWords API Targeting Options
AdWords API Targeting OptionsAdWords API Targeting Options
AdWords API Targeting Options
 
Reporting Tips and Tricks (Spanish)
Reporting Tips and Tricks (Spanish)Reporting Tips and Tricks (Spanish)
Reporting Tips and Tricks (Spanish)
 
Rate limits and performance (Spanish)
Rate limits and performance (Spanish)Rate limits and performance (Spanish)
Rate limits and performance (Spanish)
 
OAuth 2.0 (Spanish)
OAuth 2.0 (Spanish)OAuth 2.0 (Spanish)
OAuth 2.0 (Spanish)
 
End to-end how to build a platform (Spanish)
End to-end how to build a platform (Spanish)End to-end how to build a platform (Spanish)
End to-end how to build a platform (Spanish)
 
AwReporting tool introduction (Spanish)
AwReporting tool introduction (Spanish)AwReporting tool introduction (Spanish)
AwReporting tool introduction (Spanish)
 
Api update rundown (Spanish)
Api update rundown (Spanish)Api update rundown (Spanish)
Api update rundown (Spanish)
 
Mobile landing pages (Spanish)
Mobile landing pages (Spanish)Mobile landing pages (Spanish)
Mobile landing pages (Spanish)
 

Recently uploaded

Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesBoston Institute of Analytics
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 

Recently uploaded (20)

Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation Strategies
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 

OAuth 2.0 refresher Talk

  • 1. AdWords API Workshops – All rights reserved
  • 2. OAuth 2.0 +Paul Matthews, Google, Inc. AdWords API Workshops – All rights reserved
  • 3. Agenda 1. What is OAuth 2.0? 1 2 2. Preparation 3. Obtain an Access Token 3 4. Detail of OAuth 2.0 flows 5. Best practice AdWords API Workshops – All rights reserved 4 5
  • 4. What is OAuth 2.0? AdWords API Workshops – All rights reserved
  • 5. What is OAuth 2.0? ● Authorization for AdWords API ● Secure ● Simple ● Standard AdWords API Workshops – All rights reserved
  • 6. The security of OAuth2 ● No Usernames or Passwords ● Only Tokens ● Specific Access Control ● Restrict Scope ● Easily revoke AdWords API Workshops – All rights reserved
  • 7. The simplicity of OAuth2 Get Access Ask approval Interact with the AdWords API AdWords API Workshops – All rights reserved
  • 8. The standard of OAuth2 ● Have you seen the dialog? ● User Consent ● Accept ● Cancel AdWords API Workshops – All rights reserved
  • 9. The OAuth2 Flow Interact with the AdWords API Grant Access 1) Build URL 3) Exchange Code Your Application 2) Accept Consent The MCC User OAuth2 Servers The AdWords API Google Servers AdWords API Workshops – All rights reserved 4) Make Request 5) Refresh Access
  • 10. Access comes with 2 Tokens ● access_token ● refresh_token ● For making requests ● Regenerates access_token ● Lifetime 00:60 ● Lifetime indefinite ● Store it! AdWords API Workshops – All rights reserved
  • 11. Access comes with 2 Tokens ● access_token ● refresh_token ● For making requests ● Regenerates access_token ● Lifetime 00:60 ● Lifetime indefinite ● Store it! AdWords API Workshops – All rights reserved
  • 12. Access comes with 2 Tokens ● access_token ● refresh_token ● For making requests ● Regenerates access_token ● Lifetime 00:60 ● Lifetime indefinite ● Store it! AdWords API Workshops – All rights reserved
  • 13. Preparation AdWords API Workshops – All rights reserved
  • 14. Register your application http://code.google.com/apis/console ● Get an application identifier ● client_id ● client_secret AdWords API Workshops – All rights reserved
  • 15. Create a new project at Google API Console AdWords API Workshops – All rights reserved
  • 16. Create an OAuth 2.0 client ID AdWords API Workshops – All rights reserved
  • 17. Web server or installed application? Choose Installed application unless you have many client accounts that need authorization. Choose Web server application when using many separately authorized accounts. AdWords API Workshops – All rights reserved
  • 18. Choose your application type Installed Application AdWords API Workshops – All rights reserved
  • 19. Now, you have client_id and client_secret AdWords API Workshops – All rights reserved
  • 20. Obtain Access access_token & refresh_token AdWords API Workshops – All rights reserved
  • 21. Why an Access Token? Get Access & Refresh Tokens Ask approval AdWords API Workshops – All rights reserved
  • 22. With or without Client Libraries ● With Client Libraries ● Without Client Libraries AdWords API Workshops – All rights reserved
  • 23. Client Libraries can Help ● Check your library for details! ● Example: ● Run script ● Authorize application ● Add refresh_token to config AdWords API Workshops – All rights reserved
  • 24. How to get an Access Token 1. Construct URL 2. Obtain Consent 3. Receive Authorization Code 4. Exchange Code for Token 5. Store credentials AdWords API Workshops – All rights reserved
  • 25. 1. Construct a URL https://accounts.google.com/o/oauth2/auth? access_type=offline& scope=https://adwords.google.com/api/adwords& redirect_uri=urn:ietf:wg:oauth:2.0:oob& response_type=code& client_id=xxxxxxx.apps.googleusercontent.com AdWords API Workshops – All rights reserved
  • 26. 2. Obtain Consent ● Send User ● Accept permissions AdWords API Workshops – All rights reserved
  • 27. 3. Receive Authorization Code > Enter authorization code here: 4/v6xr77ewYqhvHSyW6UJ1w7jKwAzu AdWords API Workshops – All rights reserved
  • 28. 4. Exchange Code for Token HTML POST /o/oauth2/token HTTP/1.1 Host: accounts.google.com Content-Type: application/x-www-form-urlencoded code=4/v6xr77ewYqhvHSyW6UJ1w7jKwAzu& client_id=xxxxxxx.apps.googleusercontent.com& client_secret={client_secret}& redirect_uri=& grant_type=authorization_code AdWords API Workshops – All rights reserved
  • 29. 5. Store credentials { "access_token" : "yaxx.xxxxxxxxxxxx", "token_type" : "Bearer", "expires_in" : 3600, "refresh_token" : "1/xxxxxxxxxxxxxxxxxxxg" } AdWords API Workshops – All rights reserved
  • 30. Detail of OAuth 2.0 Flows AdWords API Workshops – All rights reserved
  • 31. OAuth 2.0 Flows Google Supports Google supports common OAuth 2.0 scenarios ● Installed applications ● Web server applications ● Applications on limited-input devices AdWords API Workshops – All rights reserved
  • 32. Differences Between Flows Registration to API Registration Use Console to API Authentication Console Code Client Secret Refresh Token Redirection Installed applications Required Yes Required Available URL, Text Web server applications Required Yes Required Available URL Applications on limited-input device Required - Required Available - AdWords API Workshops – All rights reserved
  • 33. Offline or Online? Choose offline access when your applications works while a data owner is not in front of your application Offline access is good for typical AdWords API client which access Google Server to fetch user data and set value in background. AdWords API Workshops – All rights reserved
  • 34. Best Practices AdWords API Workshops – All rights reserved
  • 35. Best Practices ● Use offline as access type to get a refresh_token ● Store refresh_token to get a new access_token ● Use the MCC structure ● Authorize the top MCC AdWords API Workshops – All rights reserved
  • 36. Storing & Sharing ● Storing Access Tokens ● Store the timestamp ● Sharing Access Tokens Between Threads AdWords API Workshops – All rights reserved
  • 37. Useful information for Errors ● AuthenticationError.OAUTH_TOKEN_INVALID ○ On: Access Token expired ○ Resolution: get a new Access Token with Refresh token ● AuthenticationError.INVALID_GRANT_ERROR ○ On: Refresh Token revoked ○ Resolution: re-auth app with user consent AdWords API Workshops – All rights reserved
  • 38. Appendix AdWords API Workshops – All rights reserved
  • 39. Resources AdWords API Workshops – All rights reserved
  • 41. Questions? AdWords API Workshops – All rights reserved
  • 42. AdWords API Workshops – All rights reserved