With the growth of cloud native applications, developers increasingly rely on APIs to make everything work. But security often lags behind, making APIs an attractive target for bad actors looking to access valuable business data. OAuth is a popular way to address this issue, but this open standard doesn't provide sufficient guidelines for using API tokens to protect business data. That alone can lead to vulnerabilities and invite data breaches.
By using cloud native components in Kubernetes or similar platforms, organizations can implement a scalable, future-proof security architecture for their systems that follows a zero-trust approach to protect business data. You'll access tokens, claims, and token design with an emphasis on an API-first approach. This book takes readers through an end-to-end security architecture that scales to many components in a cloud native environment, while only requiring simple security code in applications and APIs.
You'll learn:
Gary Archer has worked as a lead developer and architect for 20 years, providing investment banking solutions. This work included leading the design for many OAuth-based migrations and gaining an understanding of the code simplicity it can enable, as well as the learning curve faced by engineering teams in a distributed security architecture. His experience also includes extensive onsite support of complex business systems. Gary has worked at Curity for the last few years in a role focused on teaching many end-to-end security flows, including web, mobile, and API components and how to integrate them with security components.
Judith's interest in security and identity started in high school. She believed that security is a critical element of the future of IT, a belief she still holds today. She has worked in different technical roles throughout her career and gained experience in various levels of security, from high-tech protocols to low-tech policies. Thanks to this diverse background, she excels in translating and explaining technical details related to, but not limited to, OAuth and OpenID Connect in blogs, articles, tutorials, webinars, and so on.
Michal Trojanowski is a Product Marketing Engineer at Curity. He has over 15 years of experience working as a developer in various technologies and languages. He's no stranger to backends, frontends, APIs, or mobile apps. That experience has helped him turn to his current role, where he helps people better understand authentication, OAuth, OpenID Connect, or JWTs. He is keen to share his knowledge of identity and security-related topics.