JSFoo 2018

JSFoo 2018

On JavaScript and Security

Md. Shahbaz Alam


APIs Strike back : The rise of the JSON Web Tokens

Submitted Oct 21, 2017

Most APIs today use an API Key to authenticate legitimate clients. API Keys are very simple to use from the consumer perspective:
You get an API key from the service (in essence a shared secret).
Add the key to an Authorization header.
Call the API.
However, life isn’t as easy from the API producer part. In this talk, I’ll show how using JWTs as API Keys has greatly improved our architecture by giving us granular security, a homogenous auth architecture, decentralized issuance, debuggability and much more! Learn how to use it in your Node.js applications





Speaker bio

I’m a Full Stack Developer @ Divertido Technology , Auth0 Ambassador and Mozilla Representative.




{{ gettext('Login to leave a comment') }}

{{ gettext('Post a comment…') }}
{{ gettext('New comment') }}
{{ formTitle }}

{{ errorMsg }}

{{ gettext('No comments posted yet') }}