Cloud native APIs are the product of orchestrated distributed microservices that can disappear and respawn at any time. The question is, how can one microservice trust the others in such a dynamic environment? How do I know that I’m talking with one of my microservices and not a malicious one? More importantly, how can I trust incoming requests and perform adequate authorization in a microservice to avoid security incidents? In this talk Judith loots documents of the OAuth 2.0 family of standards for useful patterns that can combine cloud native practices with OAuth. The goal is to craft a security architecture for APIs that utilizes common cloud native technologies like API gateways and workload identities for various extensions of the OAuth protocol to demonstrate how to implement zero-trust in a modern way.
High impact blog posts and eBooks on API business models, and tech advice
Connect with market leading platform creators at our events
Join a helpful community of API practitioners
Can't make it to the event? Signup to the Nordic APIs newsletter for quality content. High impact blog posts on API business models and tech advice.
Become a part of our global community of API practitioners and enthusiasts. Share your insights on the blog, speak at an event or exhibit at our conferences and create new business relationships with decision makers and top influencers responsible for API solutions.
