Drupal is a great solution as a gate keeper for account information and login control,
but what if we want to leverage this for other sites / applications?
This session will be a hands on approach on getting a drupal ready as a SingleSignOn provider using oAuth2 and OpenID connect.
I will show you:
- what you need to get it started.
- What you transmit over the line (e.a. what data is exchanged).
- how this is secured and authenticated.
- how to use your login on drupal on an other site.
- how to ensure you have specific acces before getting specific data (scopeing / partiioning data exchange).
- when you should consider other options than oAuth2 / OpenID Connect.
I have given Presentations before on:
- Assisted Floris van Geel in Gent at DrumpalCamp 2017 (https://www.youtube.com/watch?v=s-LnKDfUokI)
- SecOSday 2019, (https://youtu.be/H427-CeINbY)
- Drupaljam 2019 (the recording is incomplete unfortunately)
you can find more links / information on https://me.lawri.nl/