You might be thinking “Duh, all APIs are for developers”, but the reality is when it comes time to expose our API to third party developers, there are a few important security and logistical problems to conquer that you might not think about before hand. In this talk we take a look at the best way to protect your API using Identity Server 4 and walk through all the configuration you’ll need to get third party devs up and running in no time.
Specifically we’ll cover:
– API first development and designing your API with third party developers in mind
– Setting up Identity Server 4 with a basic real-world configuration
– Protecting our API using JWTs and;
– Bearer Authentication Controlling access to API endpoints based on authentication policies