P. SiriwardenaAdvanced API Securityhttps://doi.org/10.1007/978-1-4842-2050-4_14

14. OAuth 2.0 Security

Prabath Siriwardena¹

(1)

San Jose, CA, USA

OAuth 2.0 is an authorization framework, as you know already. Being a framework, it gives multiple options for application developers. It is up to the application developers to pick the right options based on their use cases and how they want to use OAuth 2.0. There are few guideline documents to help you use OAuth 2.0 in a secure way. OAuth 2.0 Threat Model and Security Considerations (RFC 6819) produced by OAuth IETF working group defines additional security considerations for OAuth 2.0, beyond those in the OAuth 2.0 specification, based on a comprehensive threat model. The ...

Get Advanced API Security: OAuth 2.0 and Beyond now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Advanced API Security: OAuth 2.0 and Beyond by Prabath Siriwardena

14. OAuth 2.0 Security

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly