Skip to main content

OAuth & Identity Labs

Hands-on authentication and authorization challenges.

Authorization Code Flow Trainer Icon

Authorization Code Flow Trainer

Set up and troubleshoot a full OAuth 2.0 flow.

Client Credentials Flow Lab Icon

Client Credentials Flow Lab

Learn service-to-service authentication.

PKCE Challenge Icon

PKCE Challenge

Secure mobile & SPA authentication with PKCE.

JWT Playground Icon

JWT Playground

Generate, decode, and verify JWTs.

SAML vs OAuth Showdown Icon

SAML vs OAuth Showdown

Compare and contrast identity federation protocols.

Implicit Flow Lab Icon

Implicit Flow Lab

Explore the legacy flow and its security risks.

OAuth Token Exchange Icon

OAuth Token Exchange

Simulate token handling between different parties.

OAuth Threat Modeling Icon

OAuth Threat Modeling

Analyze and mitigate common OAuth vulnerabilities.

OAuth with FIDO2/WebAuthn Icon

OAuth with FIDO2/WebAuthn

Combine OAuth with passwordless authentication.

OAuth Consent & Scopes Lab Icon

OAuth Consent & Scopes Lab

Understand scopes, permissions, and user consent flows.