API Authentication

Home API Penetration Testing Course Malware Analysis API Authentication SSDLC IS Auditing, Controls and Assurance Cyber Incident Response Security of the Pipeline Security in the Pipeline Container Security Infrastructure as Code

Introduction
API Authentication - a (very) brief introduction
OAuth Actors
OAuth 2.0 Interaction patterns
Tokens
Scopes and Claims
APIs and Gateways
Final Assessment

Powered by GitBook

On this page

With Exchange
Alternative 1 - Pure introspect
Alternative 2 - Embedded token in JSON
Alternative 3 - Token exchange

Introspection

PreviousAll APIs should depend on JWTs NextAPI to API call

Last updated 3 months ago

With Exchange

Alternative 1 - Pure introspect

Alternative 2 - Embedded token in JSON

Alternative 3 - Token exchange