JSFoo 2018

On JavaScript and Security

APIs Strike back : The rise of the JSON Web Tokens

Submitted by Md. Shahbaz Alam (@mdsbzalam) on Saturday, 21 October 2017

videocam_off

Technical level

Intermediate

Status

Submitted

Vote on this proposal

Login to vote

Total votes:  +3

Abstract

Most APIs today use an API Key to authenticate legitimate clients. API Keys are very simple to use from the consumer perspective:
You get an API key from the service (in essence a shared secret). Add the key to an Authorization header. Call the API. However, life isn’t as easy from the API producer part. In this talk, I’ll show how using JWTs as API Keys has greatly improved our architecture by giving us granular security, a homogenous auth architecture, decentralized issuance, debuggability and much more! Learn how to use it in your Node.js applications

Outline

https://docs.google.com/presentation/d/1-77FJfYt3hpPHhwhgd-_9PZ1I7pi0WTsWZIIjbQAzGo/edit?usp=sharing

Requirements

Laptop

Speaker bio

I’m a Full Stack Developer @ Divertido Technology , Auth0 Ambassador and Mozilla Representative.

Slides

https://docs.google.com/presentation/d/1-77FJfYt3hpPHhwhgd-_9PZ1I7pi0WTsWZIIjbQAzGo/edit?usp=sharing

Comments

  • 1
    Zainab Bawa (@zainabbawa) Reviewer 8 months ago

    Shahbaz, upload a two-minute preview video explaining what this talk is about and why the audience should attend it. Do this by 20 April so that we can finish evaluating your proposal.

Login with Twitter or Google to leave a comment