Getting familiar with IBM MobileFirst Platform Foundation OAuth Security

In recent years OAuth has become a de facto industry standard for authorization. It allows client applications to securely access protected resources on behalf of the data owner without compromising data owner's credentials.

The new OAuth based security model introduced in IBM MobileFirst Platform Foundation v7.0 allows to easily solve many scenarios that were previously considered complex. Combining Authentication Gateways and IBM MobileFirst Platform allows to ensure not only user, but also device and application identities. The power of OAuth combined with flexibility of IBM MobileFirst Platform authentication framework allows implementing complex custom security integration scenarios protecting both MobileFirst internal and 3rd party web services.

In this video blog I'm covering following topics

  • How things worked prior to MobileFirst 7.0 - questions that required manual and sometimes complex solutions
  • OAuth in a nutshell
  • Understanding the OAuth flow
  • OAuth in IBM MobileFirst Platform
  • Leveraging IBM MobileFirst Platform OAuth in real scenarios
  • Demo - protecting Java adapters, Liberty server, NodeJS server

As always - watch in HD for best quality

Part 1 - Theoretical

Part 2 - Demo time

Download the sample project and external server files from here

Last modified on May 01, 2016