October 2020
Intermediate to advanced
358 pages
8h 39m
English
Content preview from Design and Build Great Web APIs
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
Supporting Machine-to-Machine Security
Adding support for machine-to-machine (M2M) security to your API takes just a few steps. You need to add a few modules to your project that contain the functionality to communicate with OAuth providers and evaluate JWTs. You also need to modify your own API service interface to look for and process JWTs when they appear. Finally, you need to import the OAuth authentication parameters you collected from the third-party provider (see Collecting API Identity Parameters).
Company-Secure | |
|---|---|
|
For the example in this chapter, I’ve forked the existing company sample API service to one named company-secure. I’ll show ... |