Client Credentials: Securing APIs with Tyk

preview_player
Показать описание
In this third video of the "OAuth2.0 with Tyk" mini series, we successfully protect our API endpoint using the Client Credentials grant type. If you missed the video before, click the link at the bottom of the description to watch it and better help with understanding the concepts in this video.

00:00 Intro
01:03 Configuring API with Tyk
01:52 Authentication with Tyk
02:56 Creating a Policy & Client
02:53 Access Token Request
05:05 Generating API Request Header
05:45 Making API Request for Access Key
07:55 Using Access Key to Access API

-----------
-----------
Follow us
  1. Tyk API Management
  2. Tyk
  3. APIManagement
  4. APIM
  5. API gateway
  6. API
Рекомендации по теме
Client Credentials: Securing 0:10:28

Client Credentials: Securing APIs with Tyk

Controlling External API 0:06:06

Controlling External API Usage with the Client Credentials Grant

API Authentication: JWT, 0:06:12

API Authentication: JWT, OAuth2, and More

Quickstart: Protecting an 0:09:36

Quickstart: Protecting an API using Client Credentials

OAuth 2.0 Client 0:05:34

OAuth 2.0 Client Credentials Flow (in plain English)

Apigee - 4MV4D 0:04:59

Apigee - 4MV4D - Secure your APIs using OAuth 2.0 Client Credentials Grant Type - S24E06

OAuth client credentials 0:03:25

OAuth client credentials flow

Client Credentials Grant 0:02:16

Client Credentials Grant Flow is REALLY BAD

Azure App Registration 0:05:19

Azure App Registration Tutorial 2025: Generate Access Tokens Step-by-Step | Complete Guide

Service to service 0:14:45

Service to service OAuth2.0 Client Credentials Flow using AWS Cognito and API Gateway

Client Credentials Flow 0:03:26

Client Credentials Flow - OAuth2.0&OpenID_7

Implement the OAuth 0:05:01

Implement the OAuth 2.0 client credentials grant type flow in Apigee

6 Creating 0:07:02

6 Creating Client Credentials inside KeyCloak for API API secured invocations

OAuth 2 Explained 0:04:32

OAuth 2 Explained In Simple Terms

How to Use 0:13:45

How to Use Client Credentials Flow with Spring Security

OAuth 2.0 - 0:03:34

OAuth 2.0 - Client Credentials

API Security - 0:14:05

API Security - Mastering Client Credentials and Password Grant

Apigee Edge - 0:03:03

Apigee Edge - 4MV4D - API Security - OAuth 2.0 Client Credentials Overview - S24E05

OAuth 2.0 Client 0:02:35

OAuth 2.0 Client Credentials Grant: A Complete Guide

Implementing the client 0:06:32

Implementing the client credentials grant type and limit access using OAuth 2.0 scopes in Apigee

Protect an API 0:09:13

Protect an API in Azure API Management using OAuth - Step-by-Step Tutorial

Integrating APIs with 0:08:04

Integrating APIs with OAuth 2 Client Credentials Flow Using GCP Application Integration | REST Task

Machine to Machine 0:16:09

Machine to Machine authorization using Client Credentials flow in AWS Cognito and with API Gateway

Login API Method 0:00:20

Login API Method for JWT Authentication #dotnet #dotnetcore

Комментарии
Автор

Hi

Thanks for this explanation. Please clarify the below query

Is it possible to have multiple access token for same client id and secret key and keep all of them valid throughout expiration time.

In other words, can we control the Token Life cycle

sp.karthick
Автор

Very clear explanation; thanks. However it seems a bit of overkill to provide both the base64 encoded client id and secret in the header and then the actual clear text values in the body. When accessing MSGraph for example, I can get the token by just defining the client id and secret in the body.

MrAndrewpindar
visit shbcf.ru