This is my first public speech about way to secure your API. Interective presentation you could find here - https://sergeypodgornyy.github.io/oauth-webbylab-presentation/ Security is something you want to get right. If you need to secure an API right now, I imagine you are worrying about how, exactly, to do it. It is to my surprise that JSON Web Tokens is a topic not often talked about, and I think it deserves to be in the spotlight today. We will see how easy it is to integrate it in an API authentication mechanism. If you want simple stateless HTTP authentication to an API, then JWT is just fine and relatively quick to implement. But JWT is a simple authentication protocol, OAuth is an authentication framework, that enables a third-party application to obtain limited access to an HTTP service. OAuth is a simple way to publish and interact with protected data. It's also a safer and more secure way for people to give you access.