Books about OAuth 2.0

OAuth 2.0 Simplified Book Cover

OAuth 2.0 Simplified by Aaron Parecki is a guide to building an OAuth 2.0 server. Through high-level overviews, step-by-step instructions, and real-world examples, you will learn how to take advantage of the OAuth 2.0 framework while building a secure API.

Whether you’re a software architect, application developer, project manager, or a casual programmer, this book will introduce you to the concepts of OAuth 2.0 and demonstrate what is required when building a server.

This book is currently available from Lulu.com and Amazon, and on Kindle.

OAuth in Action Cover

OAuth 2 in Action by Justin Richer and Antonio Sanso covers the OAuth 2 protocol in depth, providing hands-on exercises for building clients, authorization servers, and protected resources in various configurations. The book covers the structure and components of an OAuth 2 system, common vunlerabilities and mitigations, and several protocols that are built on and around OAuth 2. Exercises are included that walk through building an entire OAuth 2.0 ecosystem.

This book is currently available from Manning, Amazon, and wherever technical books are sold.

Mastering Oauth 2.0 Cover

Mastering OAuth 2.0 by Charles Bihis provides an in-depth view of the OAuth 2.0 protocol from a client perspective. With a focus on practicality and security, this book explores the various ways in which a client can integrate with an OAuth 2.0 service provider, discussing caveats and best practices along the way.

This book focuses on the client integration side of the OAuth 2.0 protocol and is ideal for client and application developers looking to integrate with OAuth 2.0 service providers in the most secure and effective way.

This book is available from Packt and Amazon.

OAuth 2.0 Cookbook

OAuth 2.0 Cookbook by Adolfo Eloy Nascimento provides useful recipes for solving real-life problems using Spring Security and creating Android applications.

The book starts by presenting you how to interact with some public OAuth 2.0 protected APIs such as Facebook, LinkedIn and Google. Readers will also be able to implement their own OAuth 2.0 provider with Spring Security OAuth2. Next, the book covers practical scenarios regarding some important OAuth 2.0 profiles such as Dynamic Client Registration, Token Introspection and how to revoke issued access tokens. Readers will then be introduced to the usage of JWT, OpenID Connect, and how to safely implement native mobile OAuth 2.0 Clients.

This book is available from Packt and Amazon.