Explore the world of API security in this conference talk from the International PHP Conference. Learn why password security can be challenging and tedious, especially in service-oriented architectures. Discover how implementing an identity provider and using OAuth and OpenID Connect can simplify security and access control for your APIs. Gain insights into authenticating and authorizing users, controlling access with claims and scopes, and see a live demo of integrating Auth0 with a common API platform. Delve into topics such as code profiles, authentication tokens, JSON tokens, Postman usage, access tokens, token verification, and Laravel integration. Understand why focusing on core API functionality rather than complex security layers can accelerate prototype and MVP development.
Overview
Syllabus
Intro
About me
The problem
The problem organically
The solution
Code
Profile
Authentication
Token
ID Token
JSON Token
Postman
Access Token
Verify Token
Integration with Laravel
Taught by
International PHP Conference
Related Courses
-
The Nuts and Bolts of OAuth 2.0
-
Symfony Security: Beautiful Authentication, Powerful Authorization
-
Symfony 5 Security: Authenticators
-
Building JavaScript and Mobile - Native Clients for Token-Based Architectures
-
Common Mistakes and Misconceptions in Web App Security Using OAuth 2.0 and OpenID Connect
-
Three Profiles of OAuth2 for Identity and Access Management - 2016
