October 2020
Intermediate to advanced
358 pages
8h 39m
English
Content preview from Design and Build Great Web APIsBecome an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
Implementing API Security with Auth0
We’re going to use the Auth0 online platform for our API security. We’ll need to log in (or sign up) at the website, define our API in the Auth0 system, and collect key authentication parameters that we’ll need in order to access the secured API (for example, our access token). We’ll also learn how to validate access tokens with the JWT.io website.[86]
Once we have that taken care of, we can modify our API service to support secure connections, and then we can test that using the access token supplied by Auth0. But first, let’s log in to our security provider and define our secure API.
Logging In to Auth0
The first step in adding security to our API will be to log in to Auth0.[87] I like using Auth0 because ...