Practical API security

Adam Englander (15.Oct.2018 at 13:00, 3 hr )
Workshop at ZendCon & OpenEnterprise 2018 (English - US)

Rating: 5 of 5

With the dominance of Mobile Apps, Single Page Apps for the Web, and Micro-Services, we are all building more APIs than ever before. Like many other developers, I had struggled with finding the right mix of security and simplicity for securing APIs. Some standards from the IETF have made it possible to accomplish both. Let me show you how to utilize existing libraries to lock down you API without writing a ton of code.

In this tutorial, you will learn how to write a secure API with future proof security utilizing JOSE. JOSE is a collection of complimentary standards: JWT, JWE, JWS, JWA, and JWK. JOSE is used by OAuth, OpenID, and others to secure communications between APIs and consumers. Now you can use it to secure your API.

Who are you?

Claim talk

Talk claims have been moved to the new Joind.in site.

Please login to the new site to claim your talk

Want to comment on this talk? Log in or create a new account or comment anonymously

Write a comment

 
Please note: you are not logged in and will be posting anonymously!
= four plus nine

Comments

Rating: 5 of 5

16.Oct.2018 at 15:58 by Brian Johnson (12 comments) via Web2 LIVE

Great in-depth explanation of some layered security techniques w/ good explanations of the how/why, and opportunity for hands on coding.

I'm interested in a copy of the slides from the opening... particularly the ones detailing the layers.

© Joind.in 2018