Session

When Basic OAuth Is Not Enough

OAuth 2.0. gives you some great tools in terms of authorising access to resources. It works very well in web environments but falls short when working with APIs, e.g. when you want to run the API in a GUI-less environment or use the API from a client machine (think of a desktop or mobile app). Thankfully there are some extensions to the RFC that help alleviate those problems. In the talk I would like to present the concepts of Device Grant, proof key of code exchange and the token exchange flow – different OAuth extensions which can be really helpful when working with APIs.

Event
The 2019 Platform Summit
Time

October 23, 2019 10:30

Location:

Bankettsalen

Duration:

20

Smarter Tech Decisions Using APIs

API blog

High impact blog posts and eBooks on API business models, and tech advice

API conferences

Connect with market leading platform creators at our events

API community

Join a helpful community of API practitioners

API Insights Straight to Your Inbox!

Can't make it to the event? Signup to the Nordic APIs newsletter for quality content. High impact blog posts on API business models and tech advice.

Join Our Thriving Community

Become a part of the world’s largest community of API practitioners and enthusiasts. Share your insights on the blog, speak at an event or exhibit at our conferences and create new business relationships with decision makers and top influencers responsible for API solutions.