OAuth is a protocol that combines authentication and authorization. With the release of OAuth 2.0, it has become industry standard mechanism for identity management. Using scopes with JWT, access management can be achieved with OAuth, heightening security while also granting user permissions. OAuth has different flows that typically involve sharing tokens between various entities. For more, read our related articles.

Related articles

3 Common Methods of API Authentication Explained

APIs handle enormous amounts of data of a wiy varying type – accordingly, one of the chief concerns of any data provider is how specifically to secure this data. The idea that data should be secret, that it should be unchanged, and that it should be available for manipulation is key to any conversation on…

Read More

Why Can’t I Just Send JWTs Without OAuth?

A JSON Web Ten or JWT is an extremely powerful standard. It’s a signed JSON object; a compact ten format often exchanged in HTTP headers to encrypt web communications. Because of its power, JWTs can be found driving some of the largest modern API implementations. For many, the JWT represents a great solution that balances…

Read More

OAuth 2.0 – Why It’s Vital to IoT Security

In this article we’ll explain why OAuth 2.0 is vital to IoT security. The internet is fundamentally an unsafe place. For every service, every API, there are users who would nothing than to break through the various layers of security you’ve erected. This is no small concern, either — in the US alone,…

Read More

Building With Open Standards Will Result in IT Longevity

In the initial years of the world wide web, much was innovated as it was needed — while the fundamentals were open and commonly agreed upon, the systems that used these fundamentals often were not. Innovation led to unique solutions, which led to the development of proprietary systems and approaches. However as time marched on, the…

Read More

Securing the IoT for Decades to Come

In 2007 Kevin Kelly gave a TED talk in which he forecasted how the World Wide Web would lo 5000 days into the future, prophesizing the emergence of the IoT and AI. He envisioned a connected planet where all manufactured goods tap into a single, global, intelligent network. At the time, the Internet of…

Read More

How to Handle Batch Processing with OAuth 2.0

Recently on the Nordic APIs channel we’ve had a few people ask — how do you handle batch processes that are secured with OAuth 2.0? Batch requests are ones executed automatically or programmed to repeat recurringly. Usually we use OAuth to confirm user identity for API calls, but the problem is that OAuth 2.0 isn’t…

Read More