OpenID Connect has become a widely adopted standard for authentication and authorization in the digital environment.

However, despite its widespread usage, the security of OpenID Connect implementations can be compromised due to vulnerabilities that can be exploited.

At Approach, our intrusion testing services have uncovered numerous instances of security bypass and theft of real user credentials.

In this presentation, our security experts will provide a technical overview of these vulnerabilities and offer practical, actionable advice on how to mitigate the associated risks and secure your OpenID Connect implementation.

Topics will include real-world examples of security bypass, best practices for verifying the authenticity of identity providers, and secure storage and transmission of tokens.

By attending this presentation, developers will gain a deeper understanding of the technicalities involved in securing OpenID Connect and learn how to build a secure and resilient authentication and authorization system.