Guarding privacy and security using API Gateways

In this webinar NGINX and Curity explore ways to elevate privacy and security using API Gateways.

In today’s world, APIs are ubiquitous, either in communication between-backend services or from front ends to back ends. They serve all kinds of purposes, come in different flavors, and return data in various formats. The possibilities are countless. Still, they all share one common trait – an API needs to be secure. Secure access to an API should be paramount for any company exposing them, especially if the APIs are available externally and consumed by third-party clients.

In this session, we will look at how you can enhance privacy and security by implementing the Phantom Token Flow using NGINX and the Curity Identity Server.

We will explore:

• the dangers of using a by-value token
• possible solutions involving a by-reference token
• differences between Phantom and Split Tokens
• a demo showing an easy way to set up containerized NGINX and the Curity Identity Server to use the Phantom Token Flow

---

About NGINX

NGINX, now a part of F5, Inc., is the company behind the popular open source project, NGINX. We offer a suite of technologies for developing and delivering modern applications. Together with F5, our combined solution bridges the gap between NetOps and DevOps, with multi‑cloud application services that span from code to customer.

About Curity

Curity is the leading supplier of API-driven identity management, providing unified security for digital services. Curity Identity Server is the world’s most powerful OAuth and OpenID Connect Server; it is used for logging in and securing millions of users’ access to web and mobile apps over APIs and microservices. Curity Identity Server is built upon open standards and designed for development and operations.