Session 5: Design tokens for your APIs

Using tokens for access to an API is just the beginning. The token itself can be shaped to contain all the details the API needs in order to properly authorize the request. This means that the token itself is an API for the APIs. Using claims, tokens can be shaped to create a valuable resource in your API infrastructure.

  • The difference between Scope and Claims
  • How to design a token
  • Using Scope
  • Adding Claims
  • Thinking API first: Define a contract with the API
  • Thinking API first: Authorization in the API using scope and Claims

Related resources


Course Outline