×

Session 5: Design tokens for your APIs

Using tokens for access to an API is just the beginning. The token itself can be shaped to contain all the details the API needs in order to properly authorize the request. This means that the token itself is an API for the APIs. Using claims, tokens can be shaped to create a valuable resource in your API infrastructure.

  • The difference between Scope and Claims
  • How to design a token
  • Using Scope
  • Adding Claims
  • Thinking API first
    • Define a contract with the API
    • Authorization in the API using scope and Claims

Related resources

Related sessions

Back to course
1

Introduction to OAuth

2

OAuth vs OpenID Connect

3

Tokens and APIs

4

Server to Server Communication with OAuth

6

Dynamic Clients and Metadata

7

OAuth for Mobile Applications

8

OAuth for Single Page Applications