New Pluralsight Course: Getting Started with OAuth 2.0

Scott Brady
Sep 26, 2018 · 2 min read

I’m really excited to announce the release of my latest Pluralsight course: “Getting Started with OAuth 2.0”.

In this course, we take a look at the OAuth 2 authorization framework and some of the work that’s been happening that makes OAuth and its extensions the gold standard for API security.

This course is going to be entirely programming free and is suitable for software developers of any language or stack. That being said, if you’re looking to get started with IdentityServer4, I highly recommend this course as your first step.

If you’re looking for a course that will allow you to understand and have a fighting chance with any OAuth implementation, then this is the course for you. This course will allow you to talk the talk and architect the right solution for you.

I debated changing this course to “Getting Started with OpenID Connect 1.0”, however, based on recent experiences with customers and workshop attendees, I’m finding a core understanding of OAuth is what is missing and causes the most “Eureka!” moments. Once you understand OAuth, adding OpenID Connect into the mix is much easier. After all, OpenID Connect is just an identity layer on top of OAuth; it only adds to it, it doesn’t remove anything.

Topics Covered

  • The core OAuth 2.0 specification
  • Why OAuth is preferred over past API protection mechanisms
  • How and when to use each grant type
  • Common pitfalls/misconceptions

And popular extensions such as:

  • Proof Key for Code Exchange (PKCE)
  • OpenID Connect
  • Device Flow
  • Discovery Metadata


If there are any inconsistencies, or subjects you think need expanding or just want to know more about, let me know, and I’ll see about supplementing the course with a blog post addressing it.

I was a bit dubious about the sound quality on some of the modules, so feel free to reach out if you think it needs work.

And finally, I’m on the lookout for my next Pluralsight course topic. My current plan is something generic around authentication, or maybe that “Getting Started with OpenID Connect 1.0” course.

Originally published at

Scott Brady

Written by

Identity & Access Control Lead at Rock Solid Knowledge. I specialize in Identity, Authentication, OAuth, and OpenID Connect. See for more

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade