Revolutionizing API Access Control with Decentralized Authorization

The common assumption about access control in APIs is to cover the introductory auth phase as part of the API gateways and let the application code cover the advanced authorization and permission management. In the modern stacks of APIs, however, applications are usually decentralized and disconnected from each other while the APIs in the product serve all needs together. The old authorization assumption can lead to implementation and efficiency problems in access control. This talk will discuss decoupling policy and permissions from application code, using open-source tools for decentralized but unified policy solutions, and running sidecars to handle permissions efficiently. We will build a demo product that proxied API calls and do an advanced authorization in the phase it should be, the API gateway.

Smarter Tech Decisions Using APIs

Smarter Tech Decisions Using APIs

API blog

High impact blog posts and eBooks on API business models, and tech advice

API conferences

Connect with market leading platform creators at our events

API community

Join a helpful community of API practitioners

API Insights Straight to Your Inbox!

Can't make it to the event? Signup to the Nordic APIs newsletter for quality content. High impact blog posts on API business models and tech advice.

Join Our Thriving Community

Become a part of our global community of API practitioners and enthusiasts. Share your insights on the blog, speak at an event or exhibit at our conferences and create new business relationships with decision makers and top influencers responsible for API solutions.