Design and Build Great Web APIs

Supporting Machine-to-Machine Security

Adding support for machine-to-machine (M2M) security to your API takes just a few steps. You need to add a few modules to your project that contain the functionality to communicate with OAuth providers and evaluate JWTs. You also need to modify your own API service interface to look for and process JWTs when they appear. Finally, you need to import the OAuth authentication parameters you collected from the third-party provider (see âCollecting API Identity Parametersâ).

Company-Secure
	For the example in this chapter, Iâve forked the existing company sample API service to one named company-secure

Get Design and Build Great Web APIs now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Design and Build Great Web APIs by Mike Amundsen

Supporting Machine-to-Machine Security

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly