Back to All Events

Philippe De Ryck

  • Holiday Inn Gent Expo 3 Maaltekouter Saint Denijs-westrem, Vlaanderen, 9051 Belgium (map)

Talk title

Authentication with OpenID Connect in Angular applications

Talk description

User authentication has become so complex that developers should not touch it anymore. Anyone building a modern application should consider using an identity provider that handles authentication. However, doing so requires the use of OpenID Connect (OIDC), which brings its own complexity.

In this talk, we look at securely implementing OIDC in an Angular application. We investigate which flow to use in which scenario. We look at the security properties in OpenID Connect, and how to ensure your application respects them. In the end, you will walk away with practical advice on implementing authentication with OIDC in Angular.

Key takeaways

  • Do not build custom authentication mechanisms

  • Delegate authentication with OpenID Connect

  • Use the right OIDC flow for your application

  • Use a proper library to integrate OIDC

  • Remember that the devil is always in the details

philippe.jpg

About Philippe

Philippe De Ryck helps developers protect companies through better web security. As the founder of Pragmatic Web Security, he travels the world to train developers on web security and security engineering. His Ph.D. in web security from KU Leuven lies at the basis of his exceptional knowledge of the security landscape. Google recognizes Philippe as a Google Developer Expert for his work on security in Angular applications.

ng-be-2019-talk-7-philippe-de-ryck.png
Earlier Event: December 7
Samantha Brennan