Authorization Books
9 books in this category
OAuth 2 in Action
Justin Richer
OAuth 2 in Action
Justin Richer, Antonio Sanso
OAuth 2 in Action teaches you the practical use and deployment of OAuth 2 from the perspective of a client, authorization server, and resource server. You'll learn how to build an OAuth 2 ecosystem from scratch, understand the security implications, and implement it correctly in real-world scenarios.
Solving Identity Management in Modern Applications
Yvonne Wilson
Solving Identity Management in Modern Applications
Yvonne Wilson, Abhishek Hingnikar
This book provides a practical guide to identity management for modern applications. It covers the fundamentals of authentication, authorization, OAuth 2.0, OpenID Connect, and SAML 2.0, explaining when and how to use each. The second edition includes updated coverage of passwordless authentication, passkeys, and decentralized identity.
Keycloak - Identity and Access Management for Modern Applications
Stian Thorgersen
Keycloak - Identity and Access Management for Modern Applications
Stian Thorgersen, Pedro Igor Silva
This practical guide covers Keycloak from installation to advanced configuration. Learn how to secure applications using OpenID Connect and OAuth 2.0, configure social login, implement fine-grained authorization, manage users and roles, and integrate Keycloak with existing infrastructure.
OAuth 2.0 Simplified
Aaron Parecki
OAuth 2.0 Simplified
Aaron Parecki
OAuth 2.0 Simplified is a guide to building OAuth 2.0 servers and clients. Written by the author of oauth.com, it covers the OAuth 2.0 framework in clear, approachable language with practical examples for web and mobile applications.
OpenID Connect in Action
Prabath Siriwardena
OpenID Connect in Action
Prabath Siriwardena
OpenID Connect in Action provides a comprehensive, hands-on guide to the OpenID Connect protocol. It covers the core specification, discovery, dynamic registration, session management, and practical integration patterns for securing modern web and mobile applications.
API Security in Action
Neil Madden
API Security in Action
Neil Madden
API Security in Action teaches you how to create secure APIs for any situation. It covers authentication, authorization, audit logging, rate limiting, and encryption for REST, gRPC, and message-based APIs. The book uses practical Java examples but the principles apply to any language.
Advanced API Security
Prabath Siriwardena
Advanced API Security
Prabath Siriwardena
Advanced API Security covers cutting-edge API security patterns including OAuth 2.0 extensions, OpenID Connect, UMA, token binding, and mutual TLS. It explores advanced topics like API gateways, service mesh security, and securing microservices architectures.
Authentication and Access Control
Jason Andress
Authentication and Access Control
Jason Andress
A practical guide to authentication mechanisms and access control models. It covers password-based authentication, multi-factor authentication, biometrics, access control models (MAC, DAC, RBAC, ABAC), and the cryptographic foundations that support them.
IAM for Cloud Infrastructure
Marcus Young
IAM for Cloud Infrastructure
Marcus Young
A practical guide to identity and access management across major cloud platforms. Covers AWS IAM, Azure AD (Entra ID), and GCP IAM including policies, roles, service accounts, cross-cloud identity federation, and infrastructure-as-code for IAM.