March 2025
Intermediate to advanced
390 pages
10h 55m
English
Content preview from Cloud Native Data Security with OAuth
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
Chapter 11. Managing a Cloud Native Authorization Server
An authorization server is a critical security component that you must manage over time. When getting started, you may have a number of concerns:
-
How do I ensure zero-downtime upgrades?
-
How do I manage changes to security settings across multiple teams?
-
How do I ensure that my authorization server is highly available?
-
How do I troubleshoot failures during OAuth flows?
-
How do I monitor API security and receive early warning of threats?
You might prefer to use a managed identity-as-a-service (IDaaS) solution for your authorization server. You then get some deployment conveniences and can point your applications and APIs to internet OAuth endpoints. You do not need to deploy any containers and upgrades occur automatically. You also trust the provider to ensure high availability. You still need to manage identity data like user accounts and configuration settings for all stages of your deployment pipeline. In some cases, an IDaaS service may meet all of your main requirements.
Your requirements may evolve over time. With a cloud native authorization server, you get more control over how to adapt to your specific needs and future requirements. We think that control is important because the authorization server is, after all, a critical component to your business. We believe that if you can manage APIs using cloud native patterns, you can manage a cloud native authorization server as well. You then get a solution that ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.