Securing Your APIs: How, What, Why and When
Dulanja Liyanage
Technical Lead, WSO2
dulanja@wso2.com

Attributes of a secured design
Authentication: Only legitimate users can access the system
Authorization: The system won’t allow users to do anything more than what they are supposed to do
Confidentiality: Confidential data can only be seen by the intended recipients, nobody else
Integrity: Integrity of the transactions is protected
Non-repudiation: An entity cannot deny its actions
Auditing: All anomalies are recorded
Availability: The system is available for legitimate users to access, all the time

HTTP Basic Authentication
•  Creating a GitHub repository

    curl -I \
      -u "$GitHubUserName:$GitHubPassword" \
      -X POST -H 'Content-Type: application/x-www-form-urlencoded' \
      -d '{"name": "my_github_repo"}' \
      https://api.github.com/user/repos

Authorization: Basic QWxhZGRpbjpPcGVuU2VzYW1l

HTTP Digest Authentication

    curl -k --digest -u username:password -v https://localhost:8443/recipe

HTTP/1.1 401 Unauthorized
WWW-Authenticate: Digest realm="cute-cupcakes.com", qop="auth",
    nonce="1390781967182:c2db4ebb26207f6ed38bb08eeffc7422",
    opaque="F5288F4526B8EAFFC4AC79F04CA8A6ED"

Authorization: Digest username="prabath", realm="cute-cupcakes.com",
    nonce="1390781967182:c2db4ebb26207f6ed38bb08eeffc7422", uri="/recipe",
    cnonce="MTM5MDc4", nc=00000001, qop="auth",
    response="f5bfb64ba8596d1b9ad1514702f5a062",
    opaque="F5288F4526B8EAFFC4AC79F04CA8A6ED"

HTTP Basic vs. Digest Authentication
Basic Authentication | Digest Authentication
Sends credentials in clear text | Credentials are never sent in clear text. A derived digest is sent
Must be used with a transport level security like TLS | Does not depend on transport level security
Only performs authentication | Can perform authentication and integrity protection (with qop=auth-int)
User store can store password as a salted hash | User store should store password in cleartext or store the hash value of username:password:realm
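
The two header formats above, worked through in Python as an added example (not code from the original slides). It decodes the Basic header shown on the slide and verifies a Digest header on the server side from a stored hash only. The password `constructed-pw`, the `DigestVerifier` class and the helper names are assumptions made for illustration; the field order inside the stored hash follows RFC 2617 (username:realm:password), and the slide's own `response` value cannot be reproduced because the slide does not give the password.

```python
import base64
import hashlib
import hmac
import re

REALM = "cute-cupcakes.com"                                # realm from the slide
NONCE = "1390781967182:c2db4ebb26207f6ed38bb08eeffc7422"   # nonce from the slide


def md5_hex(text):
    return hashlib.md5(text.encode("utf-8")).hexdigest()


def decode_basic(value):
    """Basic is only base64: whoever sees the header recovers the password."""
    scheme, _, blob = value.partition(" ")
    if scheme.lower() != "basic":
        raise ValueError("not a Basic credential")
    user, _, password = base64.b64decode(blob, validate=True).decode().partition(":")
    return user, password


def ha1(username, realm, password):
    """Value a Digest user store keeps instead of the cleartext password."""
    return md5_hex(f"{username}:{realm}:{password}")


def digest_response(stored_ha1, method, p):
    """RFC 2617 'response' for qop=auth, computed from HA1 and header fields."""
    ha2 = md5_hex(f"{method}:{p['uri']}")
    return md5_hex(f"{stored_ha1}:{p['nonce']}:{p['nc']}:{p['cnonce']}:{p['qop']}:{ha2}")


_PARAM = re.compile(r'(\w+)=(?:"([^"]*)"|([^\s,]+))')


def parse_digest(value):
    """Split an 'Authorization: Digest ...' value into a dict of its fields."""
    scheme, _, rest = value.partition(" ")
    if scheme.lower() != "digest":
        raise ValueError("not a Digest credential")
    return {m.group(1): m.group(2) if m.group(2) is not None else m.group(3)
            for m in _PARAM.finditer(rest)}


def build_digest_header(username, password, method, uri, nc, cnonce):
    """Client side: answer the 401 challenge (REALM, NONCE) shown on the slide."""
    p = {"uri": uri, "nonce": NONCE, "nc": nc, "cnonce": cnonce, "qop": "auth"}
    resp = digest_response(ha1(username, REALM, password), method, p)
    return (f'Digest username="{username}", realm="{REALM}", nonce="{NONCE}", '
            f'uri="{uri}", cnonce="{cnonce}", nc={nc}, qop="auth", response="{resp}"')


class DigestVerifier:
    """Hypothetical server-side check; it never needs the cleartext password."""
    REQUIRED = ("username", "realm", "nonce", "uri", "cnonce", "nc", "qop", "response")

    def __init__(self, ha1_store, issued_nonces):
        self.ha1_store = ha1_store        # {(username, realm): HA1}
        self.issued = set(issued_nonces)  # nonces this server handed out
        self.last_nc = {}                 # nonce -> highest nc already accepted

    def verify(self, header_value, method, request_uri):
        try:
            p = parse_digest(header_value)
            nc = int(p.get("nc", ""), 16)
        except ValueError:
            return False
        if any(k not in p for k in self.REQUIRED):
            return False
        if p["qop"] != "auth" or p["nonce"] not in self.issued:
            return False
        if p["uri"] != request_uri:       # header must describe this request
            return False
        stored = self.ha1_store.get((p["username"], p["realm"]))
        if stored is None:
            return False
        expected = digest_response(stored, method, p)
        if not hmac.compare_digest(expected.encode(), p["response"].encode()):
            return False
        if nc <= self.last_nc.get(p["nonce"], 0):   # replayed or reordered request
            return False
        self.last_nc[p["nonce"]] = nc
        return True
```

Because the stored HA1 is all that is needed to compute a valid `response`, a leaked Digest user store is as sensitive as a cleartext one for that realm.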

TLS Mutual Authentication

    curl -k --cert client.pem https://localhost:8443/recipe

•  Gateway itself does the certificate validation
•  Fine-grained access validations can be done by the authorization server

OAuth
•  Allows applications to act on behalf of end users without sharing credentials

•  Three-legged OAuth
–  Client, Resource Server and User (Resource Owner)
•  Two-legged OAuth
–  Client (Resource Owner) and Resource Server
•  OAuth 1.0a
–  Restrictive, cumbersome, involves signatures
–  Only Twitter uses it
•  OAuth 2.0
–  Depends on SSL
–  A framework rather than a concrete standard
–  Could cater to many use cases - via grant types

OAuth 2.0
Authorization Code Grant
Suitable for web applications.
Implicit Grant
Suitable for mobile, SPA and untrusted public apps where client secret cannot be kept private.
Resource Owner Credentials Grant
Suitable for apps trusted by Authz Server. e.g. official FB app.
Client Credentials Grant
Suitable to retrieve data not specific to end users - e.g. Weather/Stocks - and for machine-to-machine communications.

OAuth 2.0 - Authorization Code Grant
OAuth 2.0 - Decoupling End User Authentication from the Authorization Server
OAuth 2.0 - SAML Grant Type
OAuth 2.0 - JWT Grant Type
OAuth 2.0 - NTLM Grant Type
OAuth 2.0 - Chained Grant Type

Token Introspection

POST /introspection HTTP/1.1
Accept: application/x-www-form-urlencoded
Host: server.example.com
Authorization: Basic czZCaGRSa3F0Mzo3RmpmcDBaQnIxS3REUmJuZlZkbUl3

token=X3241Affw.4233-99JXJ&resource_id=…

{
"active": true,
"client_id": "s6BhdRkqt3",
"scope": "read write dolphin",
"sub": "2309fj32kl",
"aud": "http://example.org/protected-resource/*"
}
Standardization of Resource Server -> Authorization Server communication for token validation
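
How a resource server might act on that introspection response, as an added Python example (not code from the original slides). `build_introspection_request`, `audience_matches` and `authorize` are hypothetical names, the client secret is constructed, and treating a trailing `/*` in `aud` as a prefix wildcard is an assumption, since the slide does not define its matching rule.

```python
import base64
import json
import time
from urllib.parse import urlencode

# Response body from the slide, with "aud" quoted so that it is valid JSON.
SLIDE_RESPONSE = """{
  "active": true,
  "client_id": "s6BhdRkqt3",
  "scope": "read write dolphin",
  "sub": "2309fj32kl",
  "aud": "http://example.org/protected-resource/*"
}"""


def build_introspection_request(token, client_id, client_secret):
    """Headers and form body for POST /introspection.

    The resource server authenticates itself with HTTP Basic, so the call
    must travel over TLS like any other Basic credential.
    """
    creds = base64.b64encode(f"{client_id}:{client_secret}".encode()).decode()
    headers = {
        "Authorization": f"Basic {creds}",
        "Content-Type": "application/x-www-form-urlencoded",
        "Accept": "application/json",
    }
    return headers, urlencode({"token": token})


def audience_matches(aud, resource_url):
    """True if resource_url falls under one of the audience values.

    Assumption: a value ending in '/*' is a prefix wildcard; anything else
    must match exactly. Pass an already normalised URL (no '..' segments).
    """
    patterns = aud if isinstance(aud, list) else [aud]
    for pattern in patterns:
        if not isinstance(pattern, str):
            continue
        if pattern.endswith("/*"):
            if resource_url.startswith(pattern[:-1]):
                return True
        elif resource_url == pattern:
            return True
    return False


def authorize(raw_response, required_scope, resource_url, now=None):
    """Fail-closed decision from an introspection response: (allowed, reason)."""
    try:
        info = json.loads(raw_response)
    except (TypeError, ValueError):
        return False, "unparseable introspection response"
    # Only the JSON boolean true counts; the string "true" does not.
    if not isinstance(info, dict) or info.get("active") is not True:
        return False, "token not active"
    exp = info.get("exp")
    if exp is not None:
        current = time.time() if now is None else now
        if not isinstance(exp, (int, float)) or exp <= current:
            return False, "token expired"
    scope = info.get("scope", "")
    granted = scope.split() if isinstance(scope, str) else []
    if required_scope not in granted:
        return False, "missing scope"
    if not audience_matches(info.get("aud"), resource_url):
        return False, "wrong audience"
    return True, "ok"
```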

Fine-grained Authorization with XACML

User-Managed Access (UMA)
•  OAuth 2.0 solves Person-to-Client delegation

•  UMA tries to solve/standardize Person-to-Person delegation
e.g. Luke sharing a doc on Google Drive with ‘edit’ rights to John and ‘view’ rights to Peter
•  Introduces an entity named “Requesting Party”

•  IoT has quite interesting scenarios UMA could solve.

User-Managed Access (UMA)

Confidentiality:
•  TLS, JWE

Integrity:
•  TLS, JWS

Non-repudiation:
•  JWS

Auditing:
•  Audit logs
•  Analytics for fraud/threat detection

Availability:
•  Network level measures
•  Throttling: Client level, User level

Thank You!
#WSO2ConEU
Share your feedback for this session
wso2con.com/app

More Related Content

What's hot

Azure security guidelines for developers
Azure security guidelines for developers Azure security guidelines for developers
Azure security guidelines for developers Ivo Andreev
 
Data-driven Security: Protect APIs from Adaptive Threats
Data-driven Security: Protect APIs from Adaptive ThreatsData-driven Security: Protect APIs from Adaptive Threats
Data-driven Security: Protect APIs from Adaptive ThreatsApigee | Google Cloud
 
Protecting APIs from Mobile Threats- Beyond Oauth
Protecting APIs from Mobile Threats- Beyond OauthProtecting APIs from Mobile Threats- Beyond Oauth
Protecting APIs from Mobile Threats- Beyond OauthApigee | Google Cloud
 
Spring security
Spring securitySpring security
Spring securitysakhibarun
 
API Security in a Microservices World
API Security in a Microservices WorldAPI Security in a Microservices World
API Security in a Microservices World42Crunch
 
API Security and Management Best Practices
API Security and Management Best PracticesAPI Security and Management Best Practices
API Security and Management Best PracticesCA API Management
 
Securing Microservices with Spring Cloud Security
Securing Microservices with Spring Cloud SecuritySecuring Microservices with Spring Cloud Security
Securing Microservices with Spring Cloud SecurityWill Tran
 
OAuth - Don’t Throw the Baby Out with the Bathwater
OAuth - Don’t Throw the Baby Out with the Bathwater OAuth - Don’t Throw the Baby Out with the Bathwater
OAuth - Don’t Throw the Baby Out with the Bathwater Apigee | Google Cloud
 
Spring Boot Authentication...and More!
Spring Boot Authentication...and More! Spring Boot Authentication...and More!
Spring Boot Authentication...and More! Stormpath
 
Security in mulesoft
Security in mulesoftSecurity in mulesoft
Security in mulesoftakshay yeluru
 
Firewall seguro, proteção para aplicações
Firewall seguro, proteção para aplicaçõesFirewall seguro, proteção para aplicações
Firewall seguro, proteção para aplicaçõesCYLK IT Solutions
 
Programming with Azure Active Directory
Programming with Azure Active DirectoryProgramming with Azure Active Directory
Programming with Azure Active DirectoryJoonas Westlin
 
apidays LIVE New York 2021 - OWASP cautions against “insufficient logging & m...
apidays LIVE New York 2021 - OWASP cautions against “insufficient logging & m...apidays LIVE New York 2021 - OWASP cautions against “insufficient logging & m...
apidays LIVE New York 2021 - OWASP cautions against “insufficient logging & m...apidays
 
Centralize and Simplify Secrets Management for Red Hat OpenShift Container En...
Centralize and Simplify Secrets Management for Red Hat OpenShift Container En...Centralize and Simplify Secrets Management for Red Hat OpenShift Container En...
Centralize and Simplify Secrets Management for Red Hat OpenShift Container En...DevOps.com
 
Security components in mule esb
Security components in mule esbSecurity components in mule esb
Security components in mule esbhimajareddys
 
[WSO2Con Asia 2014] Accelerating Mobile App Development with MBaaS
[WSO2Con Asia 2014] Accelerating Mobile App Development with MBaaS[WSO2Con Asia 2014] Accelerating Mobile App Development with MBaaS
[WSO2Con Asia 2014] Accelerating Mobile App Development with MBaaSAfkham Azeez
 
CSS17: Houston - Protecting Web Apps
CSS17: Houston - Protecting Web AppsCSS17: Houston - Protecting Web Apps
CSS17: Houston - Protecting Web AppsAlert Logic
 

What's hot (20)

Azure security guidelines for developers
Azure security guidelines for developers Azure security guidelines for developers
Azure security guidelines for developers
 
Data-driven Security: Protect APIs from Adaptive Threats
Data-driven Security: Protect APIs from Adaptive ThreatsData-driven Security: Protect APIs from Adaptive Threats
Data-driven Security: Protect APIs from Adaptive Threats
 
Protecting APIs from Mobile Threats- Beyond Oauth
Protecting APIs from Mobile Threats- Beyond OauthProtecting APIs from Mobile Threats- Beyond Oauth
Protecting APIs from Mobile Threats- Beyond Oauth
 
Spring security
Spring securitySpring security
Spring security
 
The user s identities
The user s identitiesThe user s identities
The user s identities
 
API Security in a Microservices World
API Security in a Microservices WorldAPI Security in a Microservices World
API Security in a Microservices World
 
Web application firewall advanced
Web application firewall advancedWeb application firewall advanced
Web application firewall advanced
 
Data-driven API Security
Data-driven API SecurityData-driven API Security
Data-driven API Security
 
API Security and Management Best Practices
API Security and Management Best PracticesAPI Security and Management Best Practices
API Security and Management Best Practices
 
Securing Microservices with Spring Cloud Security
Securing Microservices with Spring Cloud SecuritySecuring Microservices with Spring Cloud Security
Securing Microservices with Spring Cloud Security
 
OAuth - Don’t Throw the Baby Out with the Bathwater
OAuth - Don’t Throw the Baby Out with the Bathwater OAuth - Don’t Throw the Baby Out with the Bathwater
OAuth - Don’t Throw the Baby Out with the Bathwater
 
Spring Boot Authentication...and More!
Spring Boot Authentication...and More! Spring Boot Authentication...and More!
Spring Boot Authentication...and More!
 
Security in mulesoft
Security in mulesoftSecurity in mulesoft
Security in mulesoft
 
Firewall seguro, proteção para aplicações
Firewall seguro, proteção para aplicaçõesFirewall seguro, proteção para aplicações
Firewall seguro, proteção para aplicações
 
Programming with Azure Active Directory
Programming with Azure Active DirectoryProgramming with Azure Active Directory
Programming with Azure Active Directory
 
apidays LIVE New York 2021 - OWASP cautions against “insufficient logging & m...
apidays LIVE New York 2021 - OWASP cautions against “insufficient logging & m...apidays LIVE New York 2021 - OWASP cautions against “insufficient logging & m...
apidays LIVE New York 2021 - OWASP cautions against “insufficient logging & m...
 
Centralize and Simplify Secrets Management for Red Hat OpenShift Container En...
Centralize and Simplify Secrets Management for Red Hat OpenShift Container En...Centralize and Simplify Secrets Management for Red Hat OpenShift Container En...
Centralize and Simplify Secrets Management for Red Hat OpenShift Container En...
 
Security components in mule esb
Security components in mule esbSecurity components in mule esb
Security components in mule esb
 
[WSO2Con Asia 2014] Accelerating Mobile App Development with MBaaS
[WSO2Con Asia 2014] Accelerating Mobile App Development with MBaaS[WSO2Con Asia 2014] Accelerating Mobile App Development with MBaaS
[WSO2Con Asia 2014] Accelerating Mobile App Development with MBaaS
 
CSS17: Houston - Protecting Web Apps
CSS17: Houston - Protecting Web AppsCSS17: Houston - Protecting Web Apps
CSS17: Houston - Protecting Web Apps
 

Viewers also liked

WSO2Con EU 2016: Reinforcing Your Enterprise with Security Architectures
WSO2Con EU 2016: Reinforcing Your Enterprise  with Security ArchitecturesWSO2Con EU 2016: Reinforcing Your Enterprise  with Security Architectures
WSO2Con EU 2016: Reinforcing Your Enterprise with Security ArchitecturesWSO2
 
WSO2Con ASIA 2016: Getting Started with App Cloud and API Cloud for SMEs
WSO2Con ASIA 2016: Getting Started with App Cloud and API Cloud for SMEsWSO2Con ASIA 2016: Getting Started with App Cloud and API Cloud for SMEs
WSO2Con ASIA 2016: Getting Started with App Cloud and API Cloud for SMEsWSO2
 
WSO2Con ASIA 2016: Introduction to the All New WSO2 Governance Center
WSO2Con ASIA 2016: Introduction to the All New WSO2 Governance CenterWSO2Con ASIA 2016: Introduction to the All New WSO2 Governance Center
WSO2Con ASIA 2016: Introduction to the All New WSO2 Governance CenterWSO2
 
WSO2Con USA 2015: Implementing SSO Across our Science-as-­a-­Service Web and ...
WSO2Con USA 2015: Implementing SSO Across our Science-as-­a-­Service Web and ...WSO2Con USA 2015: Implementing SSO Across our Science-as-­a-­Service Web and ...
WSO2Con USA 2015: Implementing SSO Across our Science-as-­a-­Service Web and ...WSO2
 
WSO2Con Asia 2014 - Connected Business and the API Economy: Challenges & Oppo...
WSO2Con Asia 2014 - Connected Business and the API Economy: Challenges & Oppo...WSO2Con Asia 2014 - Connected Business and the API Economy: Challenges & Oppo...
WSO2Con Asia 2014 - Connected Business and the API Economy: Challenges & Oppo...WSO2
 
WSO2Con USA 2015: Cross Section of an API Program: The NEXEN API Program at B...
WSO2Con USA 2015: Cross Section of an API Program: The NEXEN API Program at B...WSO2Con USA 2015: Cross Section of an API Program: The NEXEN API Program at B...
WSO2Con USA 2015: Cross Section of an API Program: The NEXEN API Program at B...WSO2
 
WSO2Con USA 2015: Optimizing Service Platforms with SOA Governance
WSO2Con USA 2015: Optimizing Service Platforms with SOA GovernanceWSO2Con USA 2015: Optimizing Service Platforms with SOA Governance
WSO2Con USA 2015: Optimizing Service Platforms with SOA GovernanceWSO2
 
WSO2Con ASIA 2016: Service Governance Meets API Governance: A Case Study
WSO2Con ASIA 2016: Service Governance Meets API Governance: A Case StudyWSO2Con ASIA 2016: Service Governance Meets API Governance: A Case Study
WSO2Con ASIA 2016: Service Governance Meets API Governance: A Case StudyWSO2
 
WSO2Con EU 2016: On the dot – Deliveries When You Want Them
WSO2Con EU 2016: On the dot – Deliveries When You Want ThemWSO2Con EU 2016: On the dot – Deliveries When You Want Them
WSO2Con EU 2016: On the dot – Deliveries When You Want ThemWSO2
 
WSO2Con USA 2015: End-to-end Microservice Architecture with WSO2 Identity Ser...
WSO2Con USA 2015: End-to-end Microservice Architecture with WSO2 Identity Ser...WSO2Con USA 2015: End-to-end Microservice Architecture with WSO2 Identity Ser...
WSO2Con USA 2015: End-to-end Microservice Architecture with WSO2 Identity Ser...WSO2
 

Viewers also liked (10)

WSO2Con EU 2016: Reinforcing Your Enterprise with Security Architectures
WSO2Con EU 2016: Reinforcing Your Enterprise  with Security ArchitecturesWSO2Con EU 2016: Reinforcing Your Enterprise  with Security Architectures
WSO2Con EU 2016: Reinforcing Your Enterprise with Security Architectures
 
WSO2Con ASIA 2016: Getting Started with App Cloud and API Cloud for SMEs
WSO2Con ASIA 2016: Getting Started with App Cloud and API Cloud for SMEsWSO2Con ASIA 2016: Getting Started with App Cloud and API Cloud for SMEs
WSO2Con ASIA 2016: Getting Started with App Cloud and API Cloud for SMEs
 
WSO2Con ASIA 2016: Introduction to the All New WSO2 Governance Center
WSO2Con ASIA 2016: Introduction to the All New WSO2 Governance CenterWSO2Con ASIA 2016: Introduction to the All New WSO2 Governance Center
WSO2Con ASIA 2016: Introduction to the All New WSO2 Governance Center
 
WSO2Con USA 2015: Implementing SSO Across our Science-as-­a-­Service Web and ...
WSO2Con USA 2015: Implementing SSO Across our Science-as-­a-­Service Web and ...WSO2Con USA 2015: Implementing SSO Across our Science-as-­a-­Service Web and ...
WSO2Con USA 2015: Implementing SSO Across our Science-as-­a-­Service Web and ...
 
WSO2Con Asia 2014 - Connected Business and the API Economy: Challenges & Oppo...
WSO2Con Asia 2014 - Connected Business and the API Economy: Challenges & Oppo...WSO2Con Asia 2014 - Connected Business and the API Economy: Challenges & Oppo...
WSO2Con Asia 2014 - Connected Business and the API Economy: Challenges & Oppo...
 
WSO2Con USA 2015: Cross Section of an API Program: The NEXEN API Program at B...
WSO2Con USA 2015: Cross Section of an API Program: The NEXEN API Program at B...WSO2Con USA 2015: Cross Section of an API Program: The NEXEN API Program at B...
WSO2Con USA 2015: Cross Section of an API Program: The NEXEN API Program at B...
 
WSO2Con USA 2015: Optimizing Service Platforms with SOA Governance
WSO2Con USA 2015: Optimizing Service Platforms with SOA GovernanceWSO2Con USA 2015: Optimizing Service Platforms with SOA Governance
WSO2Con USA 2015: Optimizing Service Platforms with SOA Governance
 
WSO2Con ASIA 2016: Service Governance Meets API Governance: A Case Study
WSO2Con ASIA 2016: Service Governance Meets API Governance: A Case StudyWSO2Con ASIA 2016: Service Governance Meets API Governance: A Case Study
WSO2Con ASIA 2016: Service Governance Meets API Governance: A Case Study
 
WSO2Con EU 2016: On the dot – Deliveries When You Want Them
WSO2Con EU 2016: On the dot – Deliveries When You Want ThemWSO2Con EU 2016: On the dot – Deliveries When You Want Them
WSO2Con EU 2016: On the dot – Deliveries When You Want Them
 
WSO2Con USA 2015: End-to-end Microservice Architecture with WSO2 Identity Ser...
WSO2Con USA 2015: End-to-end Microservice Architecture with WSO2 Identity Ser...WSO2Con USA 2015: End-to-end Microservice Architecture with WSO2 Identity Ser...
WSO2Con USA 2015: End-to-end Microservice Architecture with WSO2 Identity Ser...
 

Similar to Securing APIs: Key Concepts Like Authentication, Authorization, OAuth 2.0 & UMA

FIWARE Wednesday Webinars - How to Secure IoT Devices
FIWARE Wednesday Webinars - How to Secure IoT DevicesFIWARE Wednesday Webinars - How to Secure IoT Devices
FIWARE Wednesday Webinars - How to Secure IoT DevicesFIWARE
 
Backdoor Entry to a Windows Computer
Backdoor Entry to a Windows ComputerBackdoor Entry to a Windows Computer
Backdoor Entry to a Windows ComputerIRJET Journal
 
Reliable and fast security audits - The modern and offensive way-Mohan Gandhi
Reliable and fast security audits - The modern and offensive way-Mohan GandhiReliable and fast security audits - The modern and offensive way-Mohan Gandhi
Reliable and fast security audits - The modern and offensive way-Mohan Gandhibhumika2108
 
Authentication and authorization in res tful infrastructures
Authentication and authorization in res tful infrastructuresAuthentication and authorization in res tful infrastructures
Authentication and authorization in res tful infrastructuresCorley S.r.l.
 
OAuth 2.0 and OpenID Connect
OAuth 2.0 and OpenID ConnectOAuth 2.0 and OpenID Connect
OAuth 2.0 and OpenID ConnectJacob Combs
 
Adding Identity Management and Access Control to your Application
Adding Identity Management and Access Control to your ApplicationAdding Identity Management and Access Control to your Application
Adding Identity Management and Access Control to your ApplicationFernando Lopez Aguilar
 
Implementing OpenID for Your Social Networking Site
Implementing OpenID for Your Social Networking SiteImplementing OpenID for Your Social Networking Site
Implementing OpenID for Your Social Networking SiteDavid Keener
 
OAuth and OEmbed
OAuth and OEmbedOAuth and OEmbed
OAuth and OEmbedleahculver
 
Growing HashiCorp Vault at Hootsuite
Growing HashiCorp Vault at HootsuiteGrowing HashiCorp Vault at Hootsuite
Growing HashiCorp Vault at HootsuiteJAmes Atwill
 
Securing APIs using OAuth 2.0
Securing APIs using OAuth 2.0Securing APIs using OAuth 2.0
Securing APIs using OAuth 2.0Adam Lewis
 
Adding Identity Management and Access Control to your App
Adding Identity Management and Access Control to your AppAdding Identity Management and Access Control to your App
Adding Identity Management and Access Control to your AppFIWARE
 
Securing application deployments in multi-tenant CI/CD environments
Securing application deployments in multi-tenant CI/CD environmentsSecuring application deployments in multi-tenant CI/CD environments
Securing application deployments in multi-tenant CI/CD environmentsBinu Ramakrishnan
 
Tizen Web Application Checker
Tizen Web Application CheckerTizen Web Application Checker
Tizen Web Application CheckerRyo Jin
 
Adding identity management and access control to your app
Adding identity management and access control to your appAdding identity management and access control to your app
Adding identity management and access control to your appÁlvaro Alonso González
 

Similar to Securing APIs: Key Concepts Like Authentication, Authorization, OAuth 2.0 & UMA (20)

FIWARE Wednesday Webinars - How to Secure IoT Devices
FIWARE Wednesday Webinars - How to Secure IoT DevicesFIWARE Wednesday Webinars - How to Secure IoT Devices
FIWARE Wednesday Webinars - How to Secure IoT Devices
 
Backdoor Entry to a Windows Computer
Backdoor Entry to a Windows ComputerBackdoor Entry to a Windows Computer
Backdoor Entry to a Windows Computer
 
Reliable and fast security audits - The modern and offensive way-Mohan Gandhi
Reliable and fast security audits - The modern and offensive way-Mohan GandhiReliable and fast security audits - The modern and offensive way-Mohan Gandhi
Reliable and fast security audits - The modern and offensive way-Mohan Gandhi
 
Authentication and authorization in res tful infrastructures
Authentication and authorization in res tful infrastructuresAuthentication and authorization in res tful infrastructures
Authentication and authorization in res tful infrastructures
 
OAuth 2.0 and OpenID Connect
OAuth 2.0 and OpenID ConnectOAuth 2.0 and OpenID Connect
OAuth 2.0 and OpenID Connect
 
Adding Identity Management and Access Control to your Application
Adding Identity Management and Access Control to your ApplicationAdding Identity Management and Access Control to your Application
Adding Identity Management and Access Control to your Application
 
Implementing OpenID for Your Social Networking Site
Implementing OpenID for Your Social Networking SiteImplementing OpenID for Your Social Networking Site
Implementing OpenID for Your Social Networking Site
 
OAuth and OEmbed
OAuth and OEmbedOAuth and OEmbed
OAuth and OEmbed
 
Growing HashiCorp Vault at Hootsuite
Growing HashiCorp Vault at HootsuiteGrowing HashiCorp Vault at Hootsuite
Growing HashiCorp Vault at Hootsuite
 
Securing APIs using OAuth 2.0
Securing APIs using OAuth 2.0Securing APIs using OAuth 2.0
Securing APIs using OAuth 2.0
 
Adding Identity Management and Access Control to your App
Adding Identity Management and Access Control to your AppAdding Identity Management and Access Control to your App
Adding Identity Management and Access Control to your App
 
Some OAuth love
Some OAuth loveSome OAuth love
Some OAuth love
 
OAuth Base Camp
OAuth Base CampOAuth Base Camp
OAuth Base Camp
 
Securing application deployments in multi-tenant CI/CD environments
Securing application deployments in multi-tenant CI/CD environmentsSecuring application deployments in multi-tenant CI/CD environments
Securing application deployments in multi-tenant CI/CD environments
 
OAuth in the Wild
OAuth in the WildOAuth in the Wild
OAuth in the Wild
 
Tizen Web Application Checker
Tizen Web Application CheckerTizen Web Application Checker
Tizen Web Application Checker
 
Adding identity management and access control to your app
Adding identity management and access control to your appAdding identity management and access control to your app
Adding identity management and access control to your app
 
OpenID and OAuth
OpenID and OAuthOpenID and OAuth
OpenID and OAuth
 
Developing apps using Perl
Developing apps using PerlDeveloping apps using Perl
Developing apps using Perl
 
FIware Identity Manager
FIware Identity ManagerFIware Identity Manager
FIware Identity Manager
 

More from WSO2

Accelerating Enterprise Software Engineering with Platformless
Accelerating Enterprise Software Engineering with PlatformlessAccelerating Enterprise Software Engineering with Platformless
Accelerating Enterprise Software Engineering with PlatformlessWSO2
 
How to Create a Service in Choreo
How to Create a Service in ChoreoHow to Create a Service in Choreo
How to Create a Service in ChoreoWSO2
 
Ballerina Tech Talk - May 2023
Ballerina Tech Talk - May 2023Ballerina Tech Talk - May 2023
Ballerina Tech Talk - May 2023WSO2
 
Platform Strategy to Deliver Digital Experiences on Azure
Platform Strategy to Deliver Digital Experiences on AzurePlatform Strategy to Deliver Digital Experiences on Azure
Platform Strategy to Deliver Digital Experiences on AzureWSO2
 
GartnerITSymSessionSlides.pdf
GartnerITSymSessionSlides.pdfGartnerITSymSessionSlides.pdf
GartnerITSymSessionSlides.pdfWSO2
 
[Webinar] How to Create an API in Minutes
[Webinar] How to Create an API in Minutes[Webinar] How to Create an API in Minutes
[Webinar] How to Create an API in MinutesWSO2
 
Modernizing the Student Journey with Ethos Identity
Modernizing the Student Journey with Ethos IdentityModernizing the Student Journey with Ethos Identity
Modernizing the Student Journey with Ethos IdentityWSO2
 
Choreo - Build unique digital experiences on WSO2's platform, secured by Etho...
Choreo - Build unique digital experiences on WSO2's platform, secured by Etho...Choreo - Build unique digital experiences on WSO2's platform, secured by Etho...
Choreo - Build unique digital experiences on WSO2's platform, secured by Etho...WSO2
 
CIO Summit Berlin 2022.pptx.pdf
CIO Summit Berlin 2022.pptx.pdfCIO Summit Berlin 2022.pptx.pdf
CIO Summit Berlin 2022.pptx.pdfWSO2
 
Delivering New Digital Experiences Fast - Introducing Choreo
Delivering New Digital Experiences Fast - Introducing ChoreoDelivering New Digital Experiences Fast - Introducing Choreo
Delivering New Digital Experiences Fast - Introducing ChoreoWSO2
 
Fueling the Digital Experience Economy with Connected Products
Fueling the Digital Experience Economy with Connected ProductsFueling the Digital Experience Economy with Connected Products
Fueling the Digital Experience Economy with Connected ProductsWSO2
 
A Reference Methodology for Agile Digital Businesses
 A Reference Methodology for Agile Digital Businesses A Reference Methodology for Agile Digital Businesses
A Reference Methodology for Agile Digital BusinessesWSO2
 
Workflows in WSO2 API Manager - WSO2 API Manager Community Call (12/15/2021)
Workflows in WSO2 API Manager - WSO2 API Manager Community Call (12/15/2021)Workflows in WSO2 API Manager - WSO2 API Manager Community Call (12/15/2021)
Workflows in WSO2 API Manager - WSO2 API Manager Community Call (12/15/2021)WSO2
 
Lessons from the pandemic - From a single use case to true transformation
 Lessons from the pandemic - From a single use case to true transformation Lessons from the pandemic - From a single use case to true transformation
Lessons from the pandemic - From a single use case to true transformationWSO2
 
Adding Liveliness to Banking Experiences
Adding Liveliness to Banking ExperiencesAdding Liveliness to Banking Experiences
Adding Liveliness to Banking ExperiencesWSO2
 
Building a Future-ready Bank
Building a Future-ready BankBuilding a Future-ready Bank
Building a Future-ready BankWSO2
 
WSO2 API Manager Community Call - November 2021
WSO2 API Manager Community Call - November 2021WSO2 API Manager Community Call - November 2021
WSO2 API Manager Community Call - November 2021WSO2
 
[API World ] - Managing Asynchronous APIs
[API World ] - Managing Asynchronous APIs[API World ] - Managing Asynchronous APIs
[API World ] - Managing Asynchronous APIsWSO2
 
[API World 2021 ] - Understanding Cloud Native Deployment
[API World 2021 ] - Understanding Cloud Native Deployment[API World 2021 ] - Understanding Cloud Native Deployment
[API World 2021 ] - Understanding Cloud Native DeploymentWSO2
 
[API Word 2021] - Quantum Duality of “API as a Business and a Technology”
[API Word 2021] - Quantum Duality of “API as a Business and a Technology”[API Word 2021] - Quantum Duality of “API as a Business and a Technology”
[API Word 2021] - Quantum Duality of “API as a Business and a Technology”WSO2
 

More from WSO2 (20)

Accelerating Enterprise Software Engineering with Platformless
Accelerating Enterprise Software Engineering with PlatformlessAccelerating Enterprise Software Engineering with Platformless
Accelerating Enterprise Software Engineering with Platformless
 
How to Create a Service in Choreo
How to Create a Service in ChoreoHow to Create a Service in Choreo
How to Create a Service in Choreo
 
Ballerina Tech Talk - May 2023
Ballerina Tech Talk - May 2023Ballerina Tech Talk - May 2023
Ballerina Tech Talk - May 2023
 
Platform Strategy to Deliver Digital Experiences on Azure
Platform Strategy to Deliver Digital Experiences on AzurePlatform Strategy to Deliver Digital Experiences on Azure
Platform Strategy to Deliver Digital Experiences on Azure
 
GartnerITSymSessionSlides.pdf
GartnerITSymSessionSlides.pdfGartnerITSymSessionSlides.pdf
GartnerITSymSessionSlides.pdf
 
[Webinar] How to Create an API in Minutes
[Webinar] How to Create an API in Minutes[Webinar] How to Create an API in Minutes
[Webinar] How to Create an API in Minutes
 
Modernizing the Student Journey with Ethos Identity
Modernizing the Student Journey with Ethos IdentityModernizing the Student Journey with Ethos Identity
Modernizing the Student Journey with Ethos Identity
 
Choreo - Build unique digital experiences on WSO2's platform, secured by Etho...
Choreo - Build unique digital experiences on WSO2's platform, secured by Etho...Choreo - Build unique digital experiences on WSO2's platform, secured by Etho...
Choreo - Build unique digital experiences on WSO2's platform, secured by Etho...
 
CIO Summit Berlin 2022.pptx.pdf
CIO Summit Berlin 2022.pptx.pdfCIO Summit Berlin 2022.pptx.pdf
CIO Summit Berlin 2022.pptx.pdf
 
Delivering New Digital Experiences Fast - Introducing Choreo
Delivering New Digital Experiences Fast - Introducing ChoreoDelivering New Digital Experiences Fast - Introducing Choreo
Securing APIs: Key Concepts Like Authentication, Authorization, OAuth 2.0 & UMA