How to Get Along with HATEOAS Without Letting the Bad Guys Steal Your Lunch

Explore the principles of HATEOAS (Hypermedia as the Engine of Application State) in RESTful web services and learn how to implement them securely in this 45-minute conference talk from Devoxx. Discover the benefits of decoupling clients from servers for increased flexibility and resilience, while understanding potential security risks and how to mitigate them. Gain practical insights through code examples and real-world scenarios, covering topics such as API design, enforcing HATEOAS principles, and protecting against cybercriminal exploitation. Leave with a comprehensive understanding of balancing design flexibility and security in hypermedia-driven applications, equipping you to create more robust and secure RESTful web services.

Intro
What is HATEOAS
Swamp of Podge
Fake News
Firewall
The tester
The hacker
HATEOAS API
How to enforce HATEOAS
Examples