YoVDO

Overcoming Access Control in Web APIs

Offered By: EuroPython Conference via YouTube

Tags

EuroPython Courses Access Control Courses Token-Based Authentication Courses Single-Page Applications Courses Session Management Courses Web Frameworks Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore strategies for securing and managing access to web APIs in this EuroPython 2020 conference talk. Learn about token-based authentication, scoping for access levels, and implementing JWT strategies for both third-party integrations and single-page applications. Discover best practices for storing JWTs in browsers and controlling access privileges using structured scopes. Gain insights into various authentication methods, including cookies, headers, and session-based requests. Understand the challenges of securing APIs for both direct and browser-based access, and explore solutions using JSON Web Tokens. Apply these concepts to any web API framework, with a focus on implementation using the Sanic async web framework.

Syllabus

Intro
Welcome
Authentication
Endpoint
Protect endpoint
Protect decorator
Middleware
Authentication Failure
What we want
Determining authentication
Cookies headers
Intersession tickets
Session based requests
Nonsession based requests
Sessionbased requests
Strategy
Direct or Browser API
Why do we want to know
The problems with browsers
How is this typically handled
Recap
What if our API has to do both
What is a JSON
How to handle JSON
Python code
Solution
Structured scopes
Check mark
Cookies
API endpoints
Questions


Taught by

EuroPython Conference

Related Courses

Access Control Concepts
(ISC)² via Coursera
AZ-303 Part 2 - Implement Management and Security Solutions in Azure
A Cloud Guru
Google Cloud Identity and Access Management (IAM) Deep Dive
A Cloud Guru
Google Kubernetes Engine Deep Dive
A Cloud Guru
HashiCorp Vault
A Cloud Guru