Episode 39: Authentication For Javascript Apps - Kim Maida

Web Rush

Kim Maida talks with us about authentication, rolling your own security, SDK for apps on Auth0, Groups vs claims vs scopes, storing tokens on client side, and how short a life should access tokens have.

Recording date: 2019-06-18

John Papa @John_Papa

Ward Bell @WardBell

Dan Wahlin @DanWahlin

Kim Maida @KimMaida


Someone to follow


  • 00:40 Topic & guest introduction
  • 03:56 What are some of the issues with rolling your own security?
  • 07:18 Where do you start with security?
  • 13:57 SDKs for Apps on Auth0
  • 20:15 Groups vs Claims vs scopes
  • 23:23 Is storing tokens on the client side a bad thing?
  • 28:45 Sponsor: IdeaBlade
  • 29:44 You don't know what you don't know
  • 34:07 How short should access token life be?
  • 40:07 NG Vikings Conference
  • 42:25 Someone to follow

Audio Player