OAuth 2.1 & OpenID Connect for Builders
The auth stack most teams inherit, minus the jargon: code + PKCE, refresh tokens, ID tokens, and machine-to-machine flows that actually matter.
devauthoauth
Posts tagged “oauth”
Tiny explainers grouped by topic. Spend less time Googling, more time building.
The OAuth2 Flow, Decoded — roles, tokens, and the PKCE dance
A diagram-first walkthrough of OAuth 2’s Authorization Code + PKCE flow: who does what, how the redirects work, and where the tokens end up.
devsecurityoauth
Authentication vs. Authorization — what’s the difference and how they fit together
A clear, practical comparison: authN proves who you are; authZ decides what you can do. Learn identities, sessions/tokens (OIDC/OAuth2), roles/scopes/permissions, and common pitfalls.
devsecurityauth