api   199672

« earlier    

Scale - API For Human Labor
API for Human Labor.
Get human tasks done with just one line of code.
api  producthunt 
8 hours ago by laurajnash
Using JSON Web Tokens as API Keys
Using a JSON Web Token offers many advantages:

Granular Security: API Keys provide an all-or-nothing access. JSON Web Tokens can provide much finer grained control.
Homogenous Auth Architecture: Today we use cookies, API keys, home grown SSO solutions, OAuth etc. Standardizing on JSON Web Tokens gives you an homogenous token format across the board.
Decentralized Issuance: API keys depend on a central storage and a service to issue them. JSON Web Tokens can be "self-issued" or be completely externalized, opening interesting scenarios as we will see below.
OAuth2 Compliance: OAuth2 uses an opaque token that relies on a central storage. You can return a stateless JWT instead, with the allowed scopes and expiration.
Debuggability: API keys are opaque random strings. JSON Web Tokens can be inspected.
Expiration Control: API keys usually don't expire unless you revoke them. JSON Web Tokens can (and often do) have an expiration.
Devices: You can't put an API key that has full access on a device, because what is on a phone or tablet can easily be stolen. But you can put a JWT with the right set of permissions.
jwt  security  authentication  token_authentication  api 
14 hours ago by rufous

« earlier    

related tags

3d  activity  adaptive  api_gateway  apigee  apns  apollolibrary  apollowebstudio  app  apparel  apple  architecture  authentication  aws  backend  banking  best-practices  bestpractice  branches  browsers  business  calibre  case  cheatsheet  clothing  cloud  cms  collaboration  communication  compliance  component  components  composition  connectomics  contacts  cool-tools  crm  data  database  dataset  datastores  ddd  ddos  design  desktop  dev  developer  developers  development  digpass  diy  documentation  domain  driven  ecommerce  electron  example  examples  fablr  feed  feeds  flask  follow  framework  fulfillment  games  gax  gemalto  geo  gis  git  github  glsl  golang  google  graph  graphics  hacking  heroku  http  human  ibm  idea  identity  image_processing  java  javascript  js  json  jwt  lambda  library  lyrics  machine_learning  machinelearning  manual  mechanicalturk  messaging  microservicearchitecture  mobile  mocking  module  move  mysagov  neural_network  nginx  notification  notifications  oembed  opensource  openstreetmap  osm  pact  phone  php  physical  physicalgames  pico8  print  printing  producthunt  programming  protected  protection  prototype  ps3  ps4  psmove  push  push_notifications  python  rails  rails5  realtime  reference  resources  rest  rs  ruby  rubyonrails  saas  safenet  schema  scrape  search  security  server  service  services  shaders  shop  slack  sms  social-network  sonos  sony  static  statistics  statuscodes  step  storage  stream  tasks  technology  ted  test  token_authentication  tools  tshirt  turk  tutorial  up  versioning  video  vmeware  voice  voip  vrops  vue  warden  watson  web-dev-tools  web-dev  web-development  web-service  web  webdev  youtube 

Copy this bookmark: