Speaker Details

Joe Grandja
Joe Grandja is a core committer on the Spring Security team. He has been leading the efforts in building the next generation of OAuth2 and OpenID Connect support in Spring Security and Spring Authorization Server. With over 25 years of industry experience, in the Toronto, Canada area, he has designed, built, and delivered enterprise grade banking applications and platforms in the Personal and Commercial and Brokerage and Investing divisions.
What if users can create an account and log into your application without ever having to enter a password. For example, a new user accesses your application from an iPhone they are able to create a new account and login using FaceId. This deep dive shows you how to use the Web Authentication Protocol, Passkeys and the Spring Security Authorization Server to implement such functionality. The Web Authentication is widely implemented in all modern browsers provides a highly secure and user-friendly on-boarding and authentication experience. Recently Google, Microsoft, and Apple introduced Passkeys as the preferred passwordless authentication technology based on FIDO and WebAuthn. In the workshop we will cover everything you need to know to understand how the WebAuthenticaiton, Passkey, FIDO2 protocols works and how to implement it using Spring Security and Spring Authorization Server. A git repo with highly commented code showing implementation will be provided.
Come learn everything you need know about the exciting world of passkeys so you can add it to your existing applications or use it for your new apps. No previous background in security is required to follow along and learn.