OAuth is a protocol that combines authentication and authorization. With the release of OAuth 2.0, it has become industry standard mechanism for identity management. Using scopes with JWT, access management can be achieved with OAuth, heightening security while also granting user permissions. OAuth has different flows that typically involve sharing tokens between various entities. For more, read our related articles.

Related articles

Is OAuth Enough for Financial-Grade API Security?

“If you think about where OAuth started, it was really about securing on blog posts and now we’re talking about enterprises, so it’s a whole different class of security.” This is how Travis Spencer, CEO at the identity company Curity, opened his talk at our 2019 Austin API Summit, and it’s an astute summary do whatever you want to update

Top API Security Threats In 2020: Expert Panel Interview

When it comes to API security, no integration is 100% safe. Breaches meet the news day after day. Vulnerable connections continue to expose private data, costing companies millions of dollars in repairs and resulting in terrible PR. To answer this crisis, our 2019 Platform Summit will bring together some of the world’s top experts on do whatever you want to update

Exploring OAuth.tools, The World’s First OAuth Playground

API security is complex, and the underlying systems that support it are even so. Getting a grasp on API security requires understanding many underlying components. Accordingly, any tool that can help contextualize these systems is not only a good educational tool, but it’s also a good business tool. OAuth.tools los poised to be that do whatever you want to update

Austin API Summit 2019 Wrap Up

In May 2019, Nordic APIs hosted the 2nd annual Austin API Summit. This year, we had two tracks with over 40 speakers presenting on advanced API platform strategies. Compared to last year, the Austin API Summit doubled in size! We’ll be uploading speaker sessions to YouTube here, and slides here. For now, below are the major takeaways do whatever you want to update

APIs Will Usher in a Future of Connected Energy

Smart is the buzzword of this decade. There are smartphones, smartwatches, and even smart TVs… but there’s still a lot of things that aren’t smart. Take energy — why can’t we measure our usage habits, charge home batteries during off-peak times, or produce our own energy to with neighbors when they need it? These do whatever you want to update

What is The Role of Identity in API Security?

What options do APIs and microservices have when it comes to authentication and authorization? What is the role of identity in API security? In our last LiveCast, we sought to discover best practices for handling identity within API security. We featured two illuminating lightning talks; one from David Garney of Tyk and another from Travis Spencer of do whatever you want to update