Supported by Curity Logotype

Session

Global ‘Scope’ Enabling Zero Trust API Security

Himanshu Kumar
Himanshu Kumar T-Mobile USA

OAuth ‘scope’ has typically been a less used mechanism in achieving API Security. This has been primarily due to complexities involved in assigning Identity (what a given scope string mean) and managing it in a practical manner.

In this session we discuss practical design approach on how to assign scope that has global uniqueness in a decentralized multi domain API development environment – where teams develop APIs and swagger independently. Ideas on how to include compactly in token or alternate ways to make it available. Managing cascading scopes (based on API dependency on other APIs). How we can use the scope in all API layers (API Gateway and Micro Services components) to achieve zero trust security for API endpoints.

Smarter Tech Decisions Using APIs

Smarter Tech Decisions Using APIs

API blog

High impact blog posts and eBooks on API business models, and tech advice

API conferences

Connect with market leading platform creators at our events

API community

Join a helpful community of API practitioners

API Insights Straight to Your Inbox!

Can't make it to the event? Signup to the Nordic APIs newsletter for quality content. High impact blog posts on API business models and tech advice.

Subscribe

* indicates required

Nordic APIs will use the information you provide on this form to provide updates and news.

You can change your mind at any time by unsubscribing from any email you receive from us or by contacting us at info@nordicapis.com. We will treat your information with respect. By clicking below, you agree that we process your information per the terms in our Privacy Policy.

We use Mailchimp as our marketing platform. By clicking below to subscribe, you acknowledge that your information will be transferred to Mailchimp for processing. Learn more about Mailchimp's privacy practices.

Join Our Thriving Community

Become a part of our global community of API practitioners and enthusiasts. Share your insights on the blog, speak at an event or exhibit at our conferences and create new business relationships with decision makers and top influencers responsible for API solutions.