Robert Broeckelmann

Managing Director, Iya CyberSecurity Solutions

My focus within Information Technology is API Management, Integration, and Identity–especially where these three intersect. https://iyasec.io

Results 1-4 of 4 for All Categories

OAuth2 Access Token Usage Strategies for Multiple Resources (APIs): Part 3

Robert Broeckelmann

Read this blog post to learn more about reusing OAuth2 Access Tokens for different resources (APIs advertised on an API Gateway). The post looks at some of the supporting concepts that impact how the options work and guides you to a deeper understanding of which approaches you might take.

OAuth 2 Access Token Usage Strategies for Multiple Resources (APIs): Part 2

Robert Broeckelmann

There are several options for using OAuth 2 access tokens with multiple back-end resources (APIs) with single page applications or mobile applications. Read this post to discover how scope and audience are used to describe resources and how these different options might be implemented.

OAuth 2 Access Token Usage Strategies for Multiple Resources (APIs): Part 1

Robert Broeckelmann

When an application consumes a variety of different APIs, often all endpoints require an OAuth 2 access token issued from a common Identity Provider, with appropriate security token checks in place. Gain an understanding of three primary approaches for best employing OAuth 2 access tokens.

Securely Using the OIDC Authorization Code Flow and a Public Client with Single Page Applications

Robert Broeckelmann

The use of the OAuth2 Authorization Code Grant or OIDC Authorization Code Flow with a Public Client with Single Page Applications (SPAs) is on the rise. Learn why.

1