Integrating OAuth in 7 lines of JavaScript

OAuth 2 was designed to simplify integration with Web and mobile apps. While it has certainly made this chore easier, there are still challenges around securely integrating it into your Web apps. In this talk, Travis Spencer, CEO and founder of Twobo Technologies and Nordic APIs, will explain the various flows of OAuth with a concentration on the implicit flow that is especially useful for Single Page Applications (SPA) and JavaScript clients. He will highlight the security implications of using such clients and explain how to mitigate the associated risks using the OAuth concept of “scopes.” He will then pull it all together in a stunning demo that will leave the audience feeling like they just attended a magic show in Las Vegas rather than an API event on the other side of the world!


The API Stack Conference


April 12, 2016 15:50