Session
Computer Science and Communication Engineering
Description
Today's modern applications are mostly designed around APIs. APIs are used for a variety of things, such as passing data to another web service, reading data from a database, etc. The problem with this is that not all APIs are secure. Most of today's APIs are old and rely only on an authentication token, where users often had to share their credentials with the application to enable such an API call on their behalf, or on an authentication string, which is often hardcoded. We will focus on OAuth 2.0 as a new protocol for securing our APIs. This protocol is based on delegation of authorization, with an authentication string that changes dynamically based on the user session or application session. We will go through its different modes of authentication and show how to use them properly. We will set this up with a Web API integrated with OAuth and a client application that will simulate the requests to our APIs.
Keywords:
API, REST, authorization, oauth, security, open platform
Session Chair
Edmond Jahjaga
Session Co-Chair
Ramiz Hoxha
Proceedings Editor
Edmond Hajrizi
ISBN
978-9951-437-96-7
First Page
44
Last Page
50
Location
Lipjan, Kosovo
Start Date
31-10-2020 9:00 AM
End Date
31-10-2020 10:30 AM
DOI
10.33107/ubt-ic.2020.520
Recommended Citation
Shurdi, Olimpion; Biberaj, Aleksander; Tafa, Igli; and Mesi, Genci, "OAuth2.0 in Securing APIs" (2020). UBT International Conference. 325.
https://knowledgecenter.ubt-uni.net/conference/2020/all_events/325