Jonas Markström Axiomatics
So you’ve decided to go down the API path. You’re fitting your enterprise’s architecture with the best in REST services, micro services, and API gateways. You’ve convinced your management that opening up your most precious assets – your data – to the outside world will have considerable benefits. Just imagine: your partners, customers, and contractors will all be able to interact with your systems.
Now, of course, there is just this little nagging doubt in your head: did you code that service correctly? Are you positive only the right people have access to the relevant data? Did you thoroughly test that 10,000-line code that implements access control? Of course you didn’t… Because you didn’t hard-code the authorization. You went for Attribute Based Access Control, the weapon of choice of API Ninjas. Right?
In this talk, we will cover the basics of externalizing authorization using ABAC and how it can be applied to your APIs: – Secure API endpoints no matter the technology – Control access to API functionality – Control access to data: dynamic data masking – Implement access control as centrally-managed policies – Reuse the access control across other technologies in the stack.
Benefits include: – Leaner APIs – Slashed development time – Faster time-to-market
This post is older than 4 years. External links has been removed
October 26, 2016 14:00
High impact blog posts and eBooks on API business models, and tech advice
Connect with market leading platform creators at our events
Join a helpful community of API practitioners
Can't make it to the event? Signup to the Nordic APIs newsletter for quality content. High
impact blog posts on API business models and tech advice.
Become a part of the world’s largest community of API practitioners and enthusiasts. Share your insights on the blog, speak at an event or exhibit at our conferences and create new business relationships with decision makers and top influencers responsible for API solutions.