Gerry Gebel and Jonas Iggbom of Axiomatics will give a presentation at this year’s API World in San Jose, CA. Their presentation, “API Security: When OAuth is Not Enough” is part of the Business of APIs: API Strategy agenda track.
Join us and 3,000+ executives, engineers, and entrepreneurs in Silicon Valley for the world’s largest vendor-neutral API conference and expo.
Pro Talk: “API Security: When OAuth is Not Enough”
Tuesday, September 11th @ 10:00am | Workshop Room 4
Given the popularity of APIs and microservice-based application development, it is no surprise that API security is also a topic of great interest. OAuth is the most common API security standard in use, but it is not a one-size-fits-all proposition. This session will illustrate where OAuth limitations can be addressed by adding in the complementary functionality of the Attribute Based Access Control (ABAC) standard. ABAC, OAuth and OpenID Connect standards can work together in meeting the broadest range of security requirements when sensitive or regulated data is accessed via APIs, providing a more comprehensive security formula than when using OAuth alone. Jonas and Gerry will explore the details of how these standards integrate, describe benefits of the approach, and will provide a live demonstration.