Daniel Lindau of Curity provides an overview of important OAuth flows and abilities The API space requires authorization in order to secure data – this is a given in the modern era. Accordingly, implementing the correct authorization system is vitally important, perhaps even more important than the API it is meant to handle authorization for. Read more
Posts Tagged: revocation
Little details like tokens can sometimes help structure complex API architectures. In this piece we’re going to have a look at different architectures, and ultimately see how a better way to design tokens can lead to a more performant result.
Consider the role of tokens within two facets of API design, access control and data stability. Read more