Tired of writing the login part of your application? Would you rather work what your API actually does rather than work on securing it? Want to know what identity, authorization, and authentication are, and how you can use them to create applications that give your users great, secure experiences?
Then you’ll want to attend Okta’s and Auth0’s virtual developer day, Auth for All, which happens on Tuesday, August 24! The theme will be “Build the future of identity with us,” and it’ll be a day of celebrating developers around the world while learning how identity empowers builders of all kinds to innovate.
And in case you were wondering…
The agenda
| When | Session |
| 1:00 p.m. EDT / 10:00 a.m. PDT | Platform + Chat Room Opens |
| 1:30 p.m. EDT to 2:15 p.m. EDT / 10:30 a.m. PDT to 11:15 a.m. PDT | Opening Keynote: Build the Future of Identity with Us In today’s keynote, we’ll kick off Developer Day by celebrating developers like you building for the web, mobile, cloud infrastructure, and everywhere else code runs around the world. Then, lifelong hacker and security expert Alyssa Miller will share updates from the world of cyber security that will help you build your apps and infrastructure with |
| 2:30 a.m. EDT to 3:00 p.m. EDT / 11:30 p.m. PDT to 12:00 p.m. PDT | Traveling Through a Secure API in Python In this talk, we will see how you can use Python and Auth0 together to build your very own “Where Have I Been” map! I will walk you through all the steps we will need starting from scratch. From building the first API endpoints, protecting the endpoints that create new markers, all the data manipulation, and even deployment! |
| 2:30 a.m. EDT to 3:00 p.m. EDT / 11:30 p.m. PDT to 12:00 p.m. PDT | Auth for IOT: Securing Your Smart Home Have you moved into a new house and want to automate all the things? Sounds pretty cool, right? Just one tiny concern: how secure is it to use “smart home” devices? Should you create your own software to control your blinds? What about hacking your cameras? The world of IoT (Internet of Things) has so many options to choose from but very little guidance about how secure they are, and how you as a developer can prevent unauthorized access. In this session, we will go over what you can do with existing platforms like Alexa and roll your own DIY projects to lock down who can use them – YOU. |
| 2:30 a.m. EDT to 3:00 p.m. EDT / 11:30 p.m. PDT to 12:00 p.m. PDT | OAuth: Past, Present, and Future OAuth is the foundation of most of modern online security, used everywhere from signing in to mobile apps to protecting your bank accounts. Despite its ubiquity, there are still many misconceptions about OAuth and OpenID Connect in the wild. In this session you’ll learn about the background and original motivations that drove the creation of OAuth, how OAuth and OpenID Connect are used today to provide secure online experiences, as well as the latest developments and future work within the OAuth and OpenID Connect communities. This session will cover the many new RFCs that have been published since the original draft of OAuth 2.0, which both add and remove functionality from the core spec. These include OAuth 2.0 for Native Apps, Proof Key for Code Exchange, OAuth 2.0 Security Best Current Practice, as well as some in-progress and experimental drafts such as JWT Access Tokens, Rich Authorization Requests, and various Proof of Possession techniques. This session will cover the current status of this ongoing work and what you need to know to be prepared for the future. |
| 3:15 p.m. 3:15 p.m. EDT to 3:45 p.m. EDT / 12:15 p.m. PDT to 12:45 p.m. PDT | Authenticating Your Next(js) Jamstack App |
| 3:15 p.m. EDT to 3:45 p.m. EDT / 12:15 p.m. PDT to 12:45 p.m. PDT | Inclusive Digital Identity and Web Monetization for Earning Online Digital IDs controlled by the users enables users to seamlessly onboard to any web app or platform. With Web Monetization, users can earn freely and spend freely from their digital Identity connected wallets. This talk with highlight two open standards, the Verifiable Credential Standard and the Web Monetization Standard and show how developers can build with them today. |
| 3:15 p.m. EDT to 3:45 p.m. EDT / 12:15 p.m. PDT to 12:45 p.m. PDT | Seamlessly Integrate Identity Into Your APIs with Okta and Kong Learn how to implement powerful new authentication and authorization scenarios with Kong and Okta. In this demo-heavy session, we will show you how to do sophisticated API access and API management flows with OIDC and OAuth – including how to plug in Identity into your CI/CD pipelines. |
| 4:00 p.m. EDT to 4:30 p.m. EDT / 1:00 p.m. PDT to 1:30 p.m. PDT | Shift-Left DevOps for Your APIs with Okta and JFrog With Okta and JFrog, strengthen your shift-left DevSecOps strategy by validating the security of your application’s REST API endpoints before you release to production and to your customers. Learn how you can use Okta and JFrog to automate the validation of your authentication and authorization policies for your REST APIs. |
| 4:00 p.m. EDT to 4:30 p.m. EDT / 1:00 p.m. PDT to 1:30 p.m. PDT | OAuth for Game and XR Developers Gaming and XR technology represent a wild west for identity security. The industry itself is one of the most highly targeted and breach prone in all of tech, yet security is commonly prioritized last. Often user experience is emphasised over security and best practice standards are not always a perfect fit for some target platforms such as consoles or headsets. With constantly increasing demand for interconnected experiences in gaming, growing reliance on cloud based backend solutions, and the increased collection of player data occurring as players become the product, security has become paramount for game developers. In this talk, we will deep dive into how game and XR developers can balance experience and security using the security best practice standard OAuth. We will discuss the basics of OAuth, designing experiences for different target platforms, and using a player’s authorization to interact with other cloud based backend solutions. This session is intended for game/XR developers, or developers who are interested in game/XR development, and assumes a basic level of development knowledge with related engines and tech. Existing experience with identity security best practices and OAuth are not required. |
| 4:00 p.m. EDT to 4:30 p.m. EDT / 1:00 p.m. PDT to 1:30 p.m. PDT | Securing Authorization In Your Web Apps |
| 4:45 p.m. EDT to 5:15 p.m. EDT / 1:45 p.m. PDT to 2:15 p.m. PDT | Closing Keynote with Cassidy Williams |
| 7:00 p.m. EDT / 4:00 p.m. PDT | Chat Room Closes |
Once again, I remind you…