Securing your APIs using OAuth – Dan Moore – ASW #225
This segment will discuss options for protecting your APIs.
First, why protect them?
Second, what are the options and the tradeoffs.
Segment Resources:
- https://stackoverflow.blog/2022/04/11/the-complete-guide-to-protecting-your-apis-with-oauth2/
- https://fusionauth.io/learn/expert-advice/
- https://fusionauth.io/learn/expert-advice/oauth/modern-guide-to-oauth
- https://oauth.net/2/
- https://tools.ietf.org/html/rfc6749
- https://datatracker.ietf.org/doc/id/draft-ietf-oauth-v2-1-07.html
- https://paseto.io
- https://securityboulevard.com/2021/11/biggest-api-security-attacks-of-2021-so-far/
Announcements
Thank you for listening to or watching our podcasts! We want to ensure that we are creating the most relevant and useful content for our audience across our network! It is crucial to us that we are delivering to you more of what you want to hear and learn about. Please take a few minutes to complete our listener survey so that we can craft our content based on your needs. Visit https://securityweekly.com/survey to submit your feedback.
Guest
Dan Moore is head of developer relations for FusionAuth, and
currently helps educate developers about auth and OAuth. He’s written, contributed to or edited a number of books.
A former CTO, technical trainer, engineering manager and longtime developer, Dan has been writing software for (checks watch) over 20 years.
Hosts
