ABAC, ReBAC, Zanzibar, ALFA… How and Why Should I Implement Authorization in My APIs?
A talk given by David Brossard from Axiomatics at the 2024 Austin API Summit in Austin, Texas.
So you’ve just built your cool new API and figured out the authentication part. You’re even using OAuth for access delegation, scopes, and claims. So, you’re good, right? Well what about fine-grained authorization? What about OWASP’s #1 security threat, broken access control? How do you handle that? Maybe you need an authorization framework to help with that. But which one? Is ABAC the way to go? Policies? Graphs? In this presentation, we’ll give you the tools to understand what authorization for APIs entails, what options you have, and how to successfully implement a secure authorization strategy for your APIs. We will cover approaches such as ALFA, ReBAC, and Zanzibar and illustrate with a live demo.
Get the latest API insights straight to your inbox, subscribe to Nordic APIs newsletter: https://nordicapis.com/newsletter/
Смотрите видео ABAC, ReBAC, Zanzibar, ALFA… How and Why Should I Implement Authorization in My APIs? онлайн без регистрации, длительностью часов минут секунд в хорошем качестве. Это видео добавил пользователь Nordic APIs 03 Апрель 2024, не забудьте поделиться им ссылкой с друзьями и знакомыми, на нашем сайте его посмотрели 92 раз и оно понравилось 1 людям.