Explore the implementation of Transaction Tokens with Keycloak in this conference talk. Review the best practices for authenticating API requests using OAuth2 access tokens and learn why verifying the "audience" is important for preventing Token Redirect attacks. Discover how Transaction Tokens, which use OAuth2 Token Exchange, can help identify call chains in cloud-native architectures with numerous internal workloads. Gain insights into the potential of Keycloak, an open-source Identity and Access Management solution, to support Transaction Token services. Get an overview of Transaction Tokens and their practical implementation using Keycloak to enhance security in complex cloud environments.
Implementing Transaction Tokens with Keycloak for API Request Authentication
CNCF [Cloud Native Computing Foundation] via YouTube
Overview
Syllabus
How Does a Workload Authenticate an API Request?: Implementing Transaction Token... Yoshiyuki Tabata
Taught by
CNCF [Cloud Native Computing Foundation]