OIDC - Debugging OIDC
When things break, how do you fix them? Master tools like jwt.io and OIDC Debuggers to inspect raw tokens and troubleshoot common errors like invalid_grant or mismatched redirect URIs.
OIDC - B2B vs. B2C Patterns
Enterprise needs differ from consumer apps. We’ll explore architectures for multi-tenancy, organization-specific login policies, and "Identity Brokering" (Log in with Google/Microsoft).
OIDC - ACR & AMR (Authentication Context Class Reference)
Not all logins are equal. Use these values to demand higher security standards, like forcing Multi-Factor Authentication (MFA), or to audit exactly how a user authenticated (e.g., password vs. biometric).
OIDC - Dynamic Client Registration
Move beyond manual setup. Learn how Relying Parties can programmatically register with OpenID Providers, automating the exchange of client IDs and secrets for scalable, multi-tenant architectures.
OIDC - Session Management & Logout
Logging in is easy; logging out is hard. We’ll tackle Single Logout (SLO), distinguishing between front-channel and back-channel mechanisms to ensure sessions are terminated cleanly across all apps.