Short nameTitleYearTypeCategoryDuration
AppAuth SDKAppAuth – Native App SDK for OAuth 2.0 and OpenID Connect implementing modern best practices2018SDKApplication development - Integration - AppAuth
AuthO On Flows

Which OAuth 2.0 Flow Should I use - Auth0

2018ArticleOAuth - Grants5min
Barbettini Plain EnglishOAuth 2.0 and OpenID Connect (in plain English)Nate Barbettini2018VideoGeneral62min
Casey's CourseWeb Security: OAuth and OpenID Connect – Keith Casey2018CourseGeneral86min
Intro to JWTIntroduction to JSON Web Tokens – JWT.io2018ArticleJWT - General6min
OAuth on TwitterOAuth 2.0 – @oauth_22018FeedOAuth - General
OAuth Status PagesOAuth Status Pages – IETF OAuth working group2018SpecsOAuth - Specification - Status
OIDC Federation

OpenID Connect Federation 1.0 – OIDF

2018SpecOIDC - Specifiaiton - Federation29min
Parecki OAuth 2.0 ServersOAuth 2.0 Servers – Aaron Parecki (sponsored by Okta)2018ArticleOAuth - General3hr
Parecki The ThingsOAuth all the Things! What is OAuth 2.0?Aaron Parecki2018VideoOAuth - General53min
Spencer Deep DiveAPI Security: Deep Dive into OAuth and OpenID Connect – Travis Spencer2018ArticleGeneral16min
Auth with OAuthUser Authentication with OAuth 2.0 – oauth.net2018ArticleOAuth - General18min
Silverman's PrimerIdentity, Claims, & Tokens - An OpenID Connect Primer – Micah Silverman2017ArticleOIDC - General26min
Broeckelmann I

When To Use Which (OAuth2) Grants and (OIDC) Flows – Robert Broeckelmann

2017ArticleOAuth - Grants10min
Broeckelmann IISAML2 vs JWT: Understanding OAuth2 Robert Broeckelmann2017ArticleOAuth - General16min
Grassi iGov VidThe iGov Profile of OpenID Connect – CIS 2017 – Paul Grassi2017VideoOIDC - Profile22min
iGov OAuth ProfileInternational Government Assurance Profile for OAuth 2.02017SpecOAuth - Profile33min
iGov OIDC ProfileInternational Government Assurance Profile for OpenID Connect 1.02017SpecOIDC - Profile24min
Kawasaki GuideThe Simplest Guide to OAuth 2.0 – Takahiko Kawasaki2017ArticleOAuth - General - Intro6min
Kawasaki FlowsDiagrams And Movies Of All The OAuth 2.0 Flows – Takahiko Kawasaki2017MixOAuth - General8min
OJOU OIDC Fed PicsOIDC Federation in Pictures – Roland Hedberg2017ArticleOIDC - Federation5min
OJOU Materials"OJOU" (OAuth2/JW*/OIDC/UMA) Course MaterialsRoland Hedberg 2017Repo

OJOU Vids"OJOU" (OAuth2/JW*/OIDC/UMA) Course Videos – Roland Hedberg2017Video
Oracle VidsOracle Cloud Primer Series – 9 videos covering OAuth, OIDC, and more2017VideoGeneral48min
Parecki OAuth SimplifiedOAuth 2 Simplified – Aaron Parecki2017?ArticleOAuth - General24min
Parecki 2017OAuth 2 Simplified (Book) – Aaron Parecki2017BookOAuth - General.7 lbs
OAuth ConfusionOAuth Authorization vs Authentication2017ArticleOAuth - General6min
Richer PatternsDeployment and Hosting Patterns in OAuth – Justin Richer2017ArticleOAuth - Use9min
Richer & Sanso 2017

OAuth 2 in Action – Richer & Sanso

2017BookOAuth - General1.2 lbs
What the Heck Okta

What the Heck is OAuth? – Okta (2017)

2017ArticleOAuth - General23min
Bertocci 2016Modern Authentication with Azure Active Directory for Web Applications – Vittorio Bertocci2016BookApplication development - Integration - AAD1.3 lbs
Bilbie GuideA Guide to OAuth 2.0 Grants – Alex Bilbie2016ArticleOAuth - Grants7min
Kawasaki FindingsFull-Scratch Implementor of OAuth and OpenID Connect Talks About FindingsTakahiko Kawasaki2016ArticleOAuth - OIDC - Implementation36min
Le Deng ExplainsOAuth 2 Explained – Le Deng2016VideoOAuth - General11min
Schwartz's VersesOAuth vs. SAML vs. OpenID Connect – Mike Schwartz2016ArticleGeneral4min
OIDC Implementer's

OpenID Connect Basic Client Implementer's Guide 1.0

2015SpecApplication development - OIDC61min
Sanso Top 10Top 10 OAuth 2 Implementation Vulnerabilities – Antonio Sanso2015ArticleOAuth - Security6min
Jenkov TutorialOAuth 2.0 Tutorial – by Jakob Jenkov2014ArticleOAuth - General19min

OpenID Connect Core 1.0

2014SpecOIDC - Specification - Core170min
RFC 6819

OAuth 2.0 Threat Model and Security Considerations – RFC 6819

2013SpecOAuth - Security175min
Sakimura VidIdentity, Authentication + OAuth = OpenID Connect – Nat Sakimura2013VideoGeneral6min
Boyd 2012

Getting Started with OAuth 2.0 – Ryan Boyd

2012BookOAuth - General.25 lbs
Hammer Movin On

OAuth 2.0 - Looking Back and Moving On – Eran Hammer

2012VideoHistory - OAuth30min
Hammer TimeOAuth 2.0 and the Road to Hell – Eran Hammer2012ArticleHistory - OAuth8min
RFC 6749

The OAuth 2.0 Authorization Framework – RFC 6749

2012SpecOAuth - Specification195min
Messina ReflectsWhere should the OpenID Foundation go in 2011? – Chris Messina2011ArticleHistory - OIDC6min
Hammer HistoryOAuth History – Eran Hammer2009ArticleHistory - OAuth6min
IETF 1st OAuth BOFIETF 73 OAuth BOF Minutes 2008ArticleHistory - OAuth5min
Globus Dev Guide

Globus Auth Developer Guide

??ArticleOAuth - Use13min
Google Playground

OAuth 2.0 Playground – Google

LiveSiteOAuth - Playground
Okta PlaygroundOAuth 2.0 Playground – sponsored by OktaLiveSiteOAuth - Playground
OIDC FAQOpenID Connect FAQ and Q&As??ArticleOIDC - General9min
OneLogin on OIDCDev Overview of OpenID Connect – OneLogin??ArticleOIDC6min
ORCID PlaygroundExplore the ORCID API with Google OAuth PlaygroundLiveTutorialOAuth
GluuSecuring the Perimeter: Deploying Identity and Access Management with Free Open Source Software2019BookIAM topics with Gluu as example, including LDAP, Shib, OAuth 2


  1. Estimated durations (duration column) are drawn from the materials themselves or using read-o-meter. Book weights are from Amazon.
  2. Some publish dates (year column) are best guesses or estimates based on activity in related repositories.

  • No labels