Modern Authentication for web apps with Identity Server

Talks Apr 23, 2016

Just a week after Global Azure Boot Camp, we had Null Hyderabad security meet and I was supposed to give a talk. I planned to repeat the Modern web authentication scenarios talk which I have presented at the Azure boot camp. But to satisfy my technical side, here is what I have done:

I could have made my job easy by running the same slides, but I have set a personal challenge of rewriting the demos using [Identity Server](, instead of [Azure AD]( as the identity provider. The result - I have learnt some of the low-level implementation details of OpenIdConnect and OAuth 2.0 protocols by playing around with IdentityServer APIs.

Here are the slides of my talk:

I have hinted Null Hyderabad core team that I would take longer that the usual time and here is how it ended up :)

One of the highlights of the meet was a talk by a 10+1 student! See how smart the next gen kids are turning out to be! I haven't switched on a computer till I was in the 2nd year of my Bachelor's degree and today we have a student doing a security talk in an open security community. I hope this will be an inspiration not only to rest of the college kids but also to working professionals who while away their time.

On another note, Raghunath, one of the co-founders of NULL Hyderabad and the backbone of the community since its inception, was leaving Hyderabad. While we are happy that he is moving abroad for a much bigger goal, we are sad that we will miss his contributions to the community.

I think one of the greatest qualities of passionate community contributors/leaders is that they help to inspire and create more such contributors and pass on the torch before they move on. Thanks to the initial efforts of [Imran]( and [Raghu]( - Today we have a vibrant core group at [Null Hyderabad chapter](, and a much energetic security community!