Abstract

OAuth 2.0 (Hardt, 2012) (note 1) is a widely used web security protocol. The aim of this paper is to illustrate OAuth 2.0 procedures using the Keycloak authorization server (Thorgensen, 2021) (note 6). Since OAuth 2.0 is a broad subject, we focus on selected Best Current Practice (BCP) topics, including the common types of authorization flows, and on the key aspects of bearer token processing by the protected resource server. The evolution of OAuth 2.0 towards OAuth 2.1, driven by new internet challenges, is also briefly discussed. To illustrate OAuth 2.0 procedures, we use a .NET6/C# demo implementation of client and server HTTP components built on well-known .NET6/C# classes such as HttpClient and HttpListener.
