Web API Security | Basic Auth, OAuth, OpenID Connect, Scopes & Refresh Tokens

preview_player
Показать описание
There is a lot that goes into securing a Web API. In this video, I discuss why the industry decided to move on from Basic Authentication and OAuth 2.0 took over as the new standard of securing Web APIs.

This video also covers how OpenID Connect works together with OAuth to solve both Authentication and Authorization.

Scopes and deciding how to use scopes in OAuth is tricky, I also cover some tips for making those decisions. Finally, I talk about refresh tokens and how they help deal with token expiry.

#WebAPIDesign #OAuth #OpenIDConnect

Timecodes
0:00 - Intro
2:06 - Basic Authentication
5:05 - OAuth
10:16 - OpenID Connect
11:23 - Scopes
13:55 - Refresh Tokens
  1. Ambient Coder
  2. Web API Design
  3. OAuth
  4. OAuth 2.0
  5. OpenID Connect
  6. Refresh Tokens
Рекомендации по теме
Web API Security 0:16:21

Web API Security | Basic Auth, OAuth, OpenID Connect, Scopes & Refresh Tokens

'Basic Authentication' in 0:05:07

'Basic Authentication' in Five Minutes

Understanding The Fundamentals 0:09:41

Understanding The Fundamentals of API Security | How APIs are Attacked and How to Secure Them

API Security Explained 0:02:14

API Security Explained

Difference Between REST 0:07:24

Difference Between REST API vs Web API vs SOAP API Explained

APIs for Beginners 3:07:07

APIs for Beginners 2023 - How to use an API (Full Course / Tutorial)

API Security Fundamentals 1:29:22

API Security Fundamentals Course

OWASP API Security 1:27:01

OWASP API Security Top 10 Course – Secure Your Web Apps

🚀Master.NET 8 Microservice: 2:22:41

🚀Master.NET 8 Microservice: Manage Security🔐with JWT, Restrict API Calls to Gateway, Caching & M...

Implementing basic authentication 0:19:17

Implementing basic authentication in ASP NET Web API

Session vs Token 0:02:18

Session vs Token Authentication in 100 Seconds

What Is REST 0:05:21

What Is REST API? Examples And How To Use It: Crash Course System Design #3

Top 6 Most 0:04:21

Top 6 Most Popular API Architecture Styles

What is an 0:04:56

What is an API (in 5 minutes)

APIs for Beginners 2:19:33

APIs for Beginners - How to use an API (Full Course / Tutorial)

Asp.Net Core Web 0:15:16

Asp.Net Core Web API Security Checklist. TOP 3 Vulnerabilities And How To Fix Them

Authentication on the 0:37:05

Authentication on the Web (Sessions, Cookies, JWT, localStorage, and more)

Make your Flask 0:05:24

Make your Flask API more Secure with Basic Authentication Python

Microservices Security Architecture 0:08:02

Microservices Security Architecture (+ Cybersecurity basics)

API Security Testing 0:08:01

API Security Testing : Full API Security Checklist Included.

Postman Beginner's Course 2:09:38

Postman Beginner's Course - API Testing

Implementing API Key 0:17:57

Implementing API Key Authentication in ASP.NET Core

What is a 0:09:12

What is a REST API?

How to protect 0:06:10

How to protect your APIs against these 6 security threats

Комментарии
Автор

The music was distracting in the previous ones, but the content is clear and on point! 👏

csakdee
Автор

The way you simplified this is honestly genius. I am a fan.

AnkitSingh-dvpd
Автор

I love how u explain things, first problem then solution. it make more sense rather just explaining concept

prasadmadushan
Автор

Speaking about your 3rd presentation as compared to the previous ones: the further the better. Thanks.

alexanderyashin
Автор

I really appreciate your approach to teaching. Thank you!

Sulls
Автор

Very enlightening video, thanks for creating that.
Appreciate your effort.

amriteshsingh
Автор

The way you teach is great! I think your channel will grow a lot with the quality content you provide!
I look forward to more great videos from you!

metaversity
Автор

Yes we need implementation details of each topic it be really great if you start that

rksckp
Автор

I love your teaching style, it is so unique, Good Job

ademolaayobami
Автор

precise and useful, thanks a lot for sharing :)

abhishekchandel
Автор

Great content. I am surprised the view count is so low, it should be in 100Ks.

easybachha
Автор

how is access token validated at api level?

nisaanwaar
Автор

I would like to see a full implementation

raymondmichael