Showing posts from 2017

tl;dr: OAuth 2.0

Externalising the Security Token Service and Identity Provider

Problems with Basic Authentication for REST services

Bearer tokens are susceptible to theft and what you can do about it

In the (back)end, JWT is all that matters

Protect your REST APIs with JWT tokens