Learn about JSON web token, OAuth 2, and OpenID Connect for web security and access management.

Web App Security

Web application developers are always on the lookout for ways to secure their applications. Considering the rise in the number of cyber-attacks, this has become the most fundamental part of any web application. This module will serve as our handy guide to the basic terminologies and frameworks related to web application security. 
In this module, we’ll learn what JWT is, how a JWT is created, and what benefits it provides in token-based authentication. We’ll learn about the reason HTTPS was first introduced and how it revolutionized the way data is transferred using techniques like encryption and handshake. We’ll also dive deep into the most commonly used authentication and authorization frameworks called OAuth and OpenId Connect. This module will give us a taste of what web API security is all about and provide us with the foundation to build our subsequent knowledge of application security.

Web Security and Access Management: JWT, OAuth 2, OpenId Connect

## What is web application security?

Web application security deals with securing websites, mobile apps, and web APIs. Hackers subject web applications to different kinds of attacks, with the objective of stealing data or defacing a website.

Types of attacks differ based on the mode of attack and the attacker's objective. Common web attacks include SQL Injection, Cross-site scripting attack, Cross-site Request forgery, and Denial-of-Service attack. We will discuss some of them in the upcoming lessons.



# What is web application security?

Web application security deals with securing websites, mobile apps, and web APIs. Hackers subject web applications to different kinds of attacks, with the objective of stealing data or defacing a website.

Types of attacks differ based on the mode of attack and the attacker's objective. Common web attacks include SQL Injection, Cross-site scripting attack, Cross-site Request forgery, and Denial-of-Service attack. We will discuss some of them in the upcoming lessons.



In this lesson we will explore what web application security is and why we need it.

Getting started with Web Application Security

HTTPS Basics

JSON Web Token

OAuth

OpenID Connect

Conclusion

Introduction

What is web application security?