Military-Grade Security for APIs
Some APIs require tighter security than others, e.g., those of financial applications. After all, breaching a bank’s API is far more severe than breaching a cookbook recipes API. An important part of API security is the process of obtaining tokens with OAuth or OpenID Connect flows. In this talk I will present the extensions to OAuth and OIDC recommended for sensitive applications. The cryptic names of PAR, JARM, and mTLS will finally get meaning.
A talk given by Michal Trojanowski, Product Marketing Engineer at Curity, at the 2023 Platform Summit in Stockholm.