Posts Tagged: tokens

Is OAuth Enough for Financial-Grade API Security?

“If you think about where OAuth started, it was really about securing comments on blog posts and now we’re talking about enterprises, so it’s a whole different class of security.”

This is how Travis Spencer, CEO at the identity company Curity, opened his talk at our 2019 Austin API Summit, and it’s an astute summary of the way many products (particularly in the tech scene) are tweaked or re-engineered beyond their original purpose. Read more

Token Design for a Better API Architecture

Little details like tokens can sometimes help structure complex API architectures. In this piece we’re going to have a look at different architectures, and ultimately see how a better way to design tokens can lead to a more performant result.

Consider the role of tokens within two facets of API design, access control and data stability. Read more