- OpenID Specifications
- Creating a Shared Secret
- Implicit Flow vs. Code Flow with PKCE
- OpenID Connect vs OAuth vs SAML 2
- OpenID Connect Protocol
- Free intro training for OAuth 2.0 and OpenID Connect
- RFC6819: Oauth2 threat model
- RFC8252: OAuth 2.0 for Native Apps
- Draft RFC: OAuth 2.0 for Browser-Based Apps
- Draft RFC: OAuth 2.0 Security Best Current Practice