API Security and Authorization

API Security and Authorization

In this course, we give an overview of API security and authorization, look at requirements and outline some best practices to adopt.

We also look at the difference between authentication and authorization, and how attributes, tokens, claims, and scopes all fit together.

Register to get instant access to the courses and study from the comfort of your chair, at a time that suits you.

Course outline

Session 1: Overview and Requirements

The first session of the course provides an overview of authorization and presents different stakeholders that define the requirements for authorization.

  • Authentication & Authorization - what's the difference?
  • Authorization Overview & Requirements
  • Attributes and how to use them for authorization
  • Tokens
  • Claims & Scopes used to hold attribute values

Session 2: Techniques

The second session focuses on the techniques of authorization: the use of claims, authorization in layers, how to externalize it to an entitlement management system, and more.

  • Claims mappers and value providers
  • Authorization in layers
  • Authorization via the Entitlement Management System
  • Attribute Governance
  • Auditing

Presented by:

Jonas Iggbom

Jonas Iggbom

Director of Sales Engineering at Curity
X IconFollow

Next steps

Ready to modernize IAM?

Start Today - Build security and improve ease of use to stay ahead of the competition.