Securing APIs is becoming more and more important to protect sensitive data and ensure seamless user experiences. This talk will guide you through the art of securing APIs using the OAuth2 framework.
First, we’ll demystify OAuth2, exploring its components, grant types, and workflows. Next, we’ll delve into OpenID Connect, an identity layer built on top of OAuth2, enabling user authentication and ID token verification. Drawing from real-world implementations and from our customers’ experiences and feedback, we’ll share best practices for safeguarding your API security. We will also briefly describe what to expect in the future of authentication (OAuth2.1).