Secure Authentication for Web Applications & APIs
Join us for an Exclusive Workshop:

Secure Authentication for Web Applications & APIs

Ryan Chenkie
Ryan Chenkie
November 9, 2016 - 9:30am to 5:30pm Central US Time

Attend Online

Live and in Full HD

Join in Person

From Downtown Minneapolis, MN

You're Registered to Attend Online!

November 9, 2016 - 9:30am to 5:30pm Central US Time

This Workshop Is Currently Live

November 9, 2016 - 9:30am to 5:30pm Central US Time

This Workshop Has Already Concluded

Secure Authentication for Web Applications & APIs

Why You Should Join Us

By coding along with us in the Workshop, you'll:

  • Discover what a JSON Web Token (JWT) is and how the JWT spec can be used for adding authentication to an application
  • Discover why authentication with JSON Web Tokens is preferable for single page apps
  • Discover what it means for a user to be authenticated in a single page app with JSON Web Tokens and how it differs from traditional round trip apps
  • Discover how to add a login screen to a single page app and have the server return a JSON Web Token on a successful login
  • Discover what it means to have a client side session with JWTs
  • Discover how to access protected resources in a single page app by making authenticated HTTP requests
  • Discover how to add access control to an application to limit resources to certain users based on their role

Your Instructor

Ryan Chenkie

Ryan Chenkie

Spend the Day Immersed With Leading Web Security Masters

Workshop Details

Non-trivial web applications require some form of user authentication. When it comes to implementing authentication in modern single page apps, things can get a bit tricky, and the traditional methods of session and cookie-based auth tend to get in the way.

The JSON Web Token spec offers a much better way of handling authentication in a SPA and comes with many benefits.

The workshop will provide demo apps in Angular 1.x, Angular 2, and React, as well as a complete API written in Node.js. The API will expose endpoints that allow users to sign up, log in, and request protected resources.

In this workshop, Ryan Chenkie and Lukas Ruebbelke will provide instruction on everything you need to know to get authentication going in your single page app. They'll take you through the anatomy of a JSON Web Token, how to use them to protect backend resources, and how to manage all the tricky parts of authentication in a SPA.

Daily Schedule

When it comes to implementing authentication in a modern single page application, things can get a bit tricky. SPAs typically communicate with a backend via a REST API, and since these APIs should be stateless, it becomes difficult to mix traditional session and cookie-based methods of authentication in modern apps.

Arguably, the best way to do authentication in a single page app is with JSON Web Tokens. We'll start this workshop by looking at what a JSON Web Token (JWT) is and why the spec is useful for implementing authentication. We'll also look at some of the benefits that JWT gives us over traditional session and cookie-based auth.

We'll spend some time looking at how we can address things like the user's authentication state, conditionally displaying various UI elements based on that state, and persisting a session after the user logs in. We'll also see how we can use information in the payload of a JWT to power our application's views and how we can use the JWT to get access to protected resources on the backend.

By the end of the workshop you'll be comfortable with managing authentication in a single page app and you'll have the building blocks in place to implement more advanced flows such as fine-grained access control.

  • 8:30AM
    Tech Check and Hello
  • 9:00AM
    JSON Web Token Basics
  • 9:30AM
    JSON Web Tokens and Single Page Apps
  • 10:00AM
    Implementing Authentication with JSON Web Tokens
  • 10:30AM
  • 11:00AM
    Client Side Sessions
  • 11:30AM
  • 12:00PM
    Lunch and Hacking
  • 1:00PM
    User Information in the Payload
  • 1:30PM
  • 2:00PM
    Protecting Resources
  • 2:30PM
  • 3:00PM
    Protecting Routes
  • 3:30PM
  • 4:00PM
    Further Reading and Wrap-up

Interact with the Instructor - Online & In-Person

Get Your Questions Answered • Code Along with the Class • Classroom Format

Is This Workshop for Me?


This is for a intermediate developer who is comfortable with high level architectural concepts and has a fundamental grasp on what functional programming tries to achieve. Building applications in a reactive style is a bit of a paradigm shift for a lot of developers but we believe the learning curve is well worth the payoff. We will make every effort to make the examples as approachable as possible and build on them but depending on your skill level, you may have to revisit them as you progress.

Event Details


One Full Day Workshop Session

Replay Videos (available immediately)


November 9, 2016 - 9:30am to 5:30pm Central US Time


Option 1: Attend online on our full HD live stream

Option 2: Attend in-person at HQ in Minneapolis, MN