If we can trust the user we can do anything. If we can't trust our user, we can do nothing.

Almost all applications need to know who the user is. You could establish a user database with a password, but what prevents any random user to register as Donald Duck or Barack Obama? How do you find out who to trust?

Modern identity systems like Azure Active Directory, ID-porten (for Norway) as well as less secured ones use a standard to establish the user identity with your application. In this workshop we will build from stratch the parts of a JavaScript application that are needed to make it work with leading OpenID Connect providers together.

The demo application used in the workshop is available on https://github.com/jhannes/identity-fun . A live version is running on https://javabin-openid-demo.azurewebsites.net/