Ahead in 2020: Preparing for new mechanisms that will help secure APIs

20 December 2019

Let me back up a bit. Today, the most common mechanism for securing APIs is OAuth2 with Bearer tokens in the form of JWTs. When calling APIs from interactive sessions in a user’s browser, the path of least resistance is to log the user in, stuff their JWT in the browser’s localStorage, and go about your business calling APIs with that JWT. There’s just one problem:

Read full article on JAXenter

Date:

20 December 2019

Categorie(s):

NEWS

Tag(s):

Api, APIs, Articles

Silobreaker empowers users with timely insight into key cybersecurity incident filings29 April 2024
72% of CISOs believe AI solutions may lead to security breaches29 April 2024
OpenAI’s ChatGPT is Breaking GDPR, Says Noyb29 April 2024
UK lays down fresh legislation banning crummy default device passwords29 April 2024
Navigating the Threat Landscape: Understanding Exposure Management, Pentesting, Red Teaming and RBVM29 April 2024