Filip Hanik and Sree Tummidi talk about the OpenID Connect and OAuth 2, sharing their experiences building the CF User Authentication and Account management project, and OpenID Connect implementation.
Alan Ho and Sandeep Murusupalli discuss the right type of protection (OAuth/Throttling) and monitoring (e.g. bot monitoring) needed to be put in place to properly manage microservices.
Ryan Lane talks about the concepts and tooling for wrangling identity, access management, and secrets (passwords, ssl certificates, access tokens, etc.) in cloud services.
Phil Nash takes a look at generating one time passwords, implementing two-factor authentication in web applications and the use cases for QR codes.
Shiva Narayanaswamy discusses event driven architectures, serverless architectures, identity management and security related to building APIs in the cloud.
Will Tran talks about the authentication and authorization scenarios that one may encounter once he starts building out microservices.
Eleanor McHugh shares insights on digital privacy, encouraging others to gather the minimum information possible about their users in order to serve their needs.
Paul Moreno shows how to federate AWS IAM permissions, roles, and users with a directory service such as LDAP or Active Directory with an Identity Provider.
Paul Glavich discusses design decisions to be made when building a new API regarding versioning, hypermedia usage, authentication and other aspects.
Colin Harrington warns that application security is not a concern that we can ignore. Vulnerabilities come from various angles, but it is important to stay aware so we can recognize and thwart threats
David Syer explores the new features in Spring OAuth2, providing guidance on what to use and when, and showing how easy they are to enable quickly.
Scott Smerchek presents the benefits of using a nonprofit web project to learn Rails and what he learned while building LoveKC.org, introducing various Rails topics.