A look on different token sharing approaches in the Service Mesh.
Adapt the Phantom Token Approach. A privacy-preserving token usage pattern for microservices and combine the benefits of opaque and structured tokens.
A variation of the phantom token approach, which does need the introspection step.
What you should consider when using JWTs in your applications.
A write-up of the top API security vulnerabilities according to OWASP and mitigating approaches.
Security tips to consider when designing and creating APIs.
There is a spectrum of API security implementations, and not all of them are effective.
API security encompasses the practices, processes, and products used to ensure APIs are secure, data can be transferred safely, and malicious attacks are prevented. APIs power the connectivity of the digital world. They offer faster integrations and increased freedom of choice when it comes to products. Keeping APIs, and the data provided through them, safe and only available to the intended user is a must. In this section we have gathered information covering the most important aspects of securing APIs and microservices.