As a web developer, you have various choices regarding API authentication. This guide aims to provide you with a high-level overview of the six most used schemes. Inside, you will find a cheatsheet to help you choose.
TLS mutual authentication doubles down on HTTPS. Using this scheme your clients' identity is proved by presenting certificates and proving ownership of a private key. This is a very potent tool and also a tradeoff.
Hello, my name is Daniel Szpisjak
Your time as a Software Engineer is valuable. I get it and respect it. This blog is designed to contain small, easily consumable drops of security knowledge essential for You.
The Glossary describes common security jargon, phrases, abbreviations , and concepts succinctly and in a way that makes sense to you.
HTTP signature schemes provide integrity and authenticity on the application layer. Using them increase security but also incurs complexity.
Lots of modern web application utilize bearer tokens. They are ideal for backend integration, but can also be used on the frontend.