API Security Tokens Flows and the Big Bad Wolf

Explore the intricacies of API security, token flows, and authorization challenges in this 56-minute conference talk from BSides Columbus 2019. Delve into the world of APIs and digital transformations, understanding their significance in modern technology. Examine common pitfalls in API security and learn best practices for securing resource access through proper authorization and authentication methods. Gain insights into OAuth 2.0, fine-grained authorization, and the importance of adhering to OWASP guidelines. Discover strategies to identify potential security threats and implement robust security measures to protect your APIs from the "big bad wolf" of cyber threats.

Intro
APIs and Digital Transformations
API - The Magic 3 letters!
What Were They Thinking
What Should I Be Thinkinga
Accessing Resources Securely - Authorization
The Authorization Dilemma!
Spot the Wolf!
OAuth2.0: The Scoop
Accessing Resources Securely - Authentication
Authentication: Though Shal Know
Fine Grain Authorization
Live Your OWASP Promise
Line Up Your Players & Get Your Act Together