Software Engineering Radio - the podcast for professional software developers cover image

Episode 376: Justin Richer On API Security with OAuth 2

Software Engineering Radio - the podcast for professional software developers

00:00

RFC - The Jot Specification

The Jot specification was designed as a way to communicate information about what's been delegated from the authorization server to the resource server. The downside of this is you're carrying all of that information inside the JSON web token. So when the token shows up, it can carry a signature. And the token itself can tell me like, yeah, this is for this set of APIs and this set of actions at these API within this time window for this specific user.

Transcript
Play full episode

The AI-powered Podcast Player

Save insights by tapping your headphones, chat with episodes, discover the best highlights - and more!
App store bannerPlay store banner
 Get the app