Overview
Learn about implementing effective authorization strategies in modern web applications and APIs through this comprehensive conference talk. Explore various approaches and potential pitfalls in authorization, using the ASP.NET Core authorization API as an example of a robust abstraction layer. Discover why there's no one-size-fits-all solution and gain insights into client integration strategies, custom requirements, and practical examples such as patient resource authorization. Understand the complexities of security token usage and overloaded security tokens in modern applications, equipping yourself with the knowledge to make informed decisions about authorization in your projects.
Syllabus
Intro
Authorization is hard!
Modern Applications
Overloaded Security Token
Token Usage
Client Integration Strategies
ASP.NET Core Authorization
Custom Requirements
Example: Patient Resource
Conclusion
Taught by
NDC Conferences