Securing Your App with OAuth

In this talk, you’ll learn how to use OAuth 2.0 to secure access to your APIs. OAuth is an authorization protocol that enables applications to access data on behalf of users without needing to know their username and password. This enables many use cases such as easily enabling multi-factor authorization for your users and better separation of concerns of all your backend services.

Here are some things we’ll cover:

• How to use JWT access tokens, as well as the tradeoffs that come with them
• How to design scopes that allow granular access to various parts of your backend services
• How to design a microservices architecture protected by OAuth at a gateway