Posts Tagged: scopes

Introducing The API Security Maturity Model

When a user utilizes a service, that user must first attest they are who they say they are. In most use cases, they must then confirm they can do what they’re trying to do. For many users, this is a relatively non-transparent process, and it might seem to happen magically behind the scenes. Read more

Is OAuth Enough for Financial-Grade API Security?

“If you think about where OAuth started, it was really about securing comments on blog posts and now we’re talking about enterprises, so it’s a whole different class of security.”

This is how Travis Spencer, CEO at the identity company Curity, opened his talk at our 2019 Austin API Summit, and it’s an astute summary of the way many products (particularly in the tech scene) are tweaked or re-engineered beyond their original purpose. Read more

Build GDPR Compliant APIs with OpenID Connect

GDPR, the European Union’s General Data Protection Regulation, came into effect in March of 2018. This new regulation sets the privacy and security expectations for handling user data, and applies to every actor evenly tangentially related to the European market. Read more