Why you shouldn’t care about Security

2
Oct

Why you shouldn’t care about Security

API development is fun! Everyone is doing it, from large organisations wanting to provide developer access to their systems, to small websites wanting to push web application business logic to the browser. Password security is boring. It’s also harder than you’d think.

The number of reported system breeches is on the increase, with big names being hit by hackers. And when it comes to service oriented architecture, you
have to secure multiple services. That’s just tedious. There are a number of solutions, but few that let you pretty much forget about security and access control. In this talk
and demo, Ben will show how implementing an identity provider and using OAuth and OpenID Connect can allow you to ramp up your prototypes and MVPs with more
ease and to concentrate on the core purpose of the APIs, rather than the layers of security that are a must in today’s digital world.

Three takeaways:

  1. You will gain an understanding of OAuth and Open ID Connect to authenticate and authorize a user.
  2. You will learn about the use of claims and scopes to control access to certain features of a system.
  3. You will see a live demo of how to integrate Auth0 with a common API platform.

Ben Dechrai at the International PHP Conference 2019:


→ To Identity and Beyond!

→ My voice is my passport. Verify me?

The full program of IPC 2019 in Munich

Learn more about International PHP Conference 2019
19
Nov

Why you shouldn’t care about Security

API development is fun! Everyone is doing it, from large organisations wanting to provide developer access to their systems, to small websites wanting to push web application business logic to the browser. Password security is boring. It’s also harder than you’d think. The number of reported system breeches is on the increase, with big names being hit by hackers. And when it comes to service oriented architecture, you have to secure multiple services. That’s just tedious. There are a number of solutions, but few that let you pretty much forget about security and access control. In this talk and demo, Ben will show how implementing an identity provider and using OAuth and OpenID Connect can allow you to ramp up your prototypes and MVPs with more ease and to concentrate on the core purpose of the APIs, rather than the layers of security that are a must in today’s digital world. Three takeaways: 1. You will gain an understanding of OAuth and Open ID Connect to authenticate and authorize a user. 2. You will learn about the use of claims and scopes to control access to certain features of a system. 3. You will see a live demo of how to integrate Auth0 with a common API platform.

Stay tuned!

Behind the Tracks of IPC

PHP Development
Best Practices & Application

Web Development
Web Development & more

JavaScript Development
All about JavaScript

Agile & Culture
Agility has become mainstream

Architecture
Concepts & Environments

Web Security
All about Web Security

Testing & Quality
An overview of the most important topics

DevOps
DevOps is a philosophy