Securing Spring Data REST APIs
|
If you got a text from an unlisted number asking for your credit card, would you give it out? Actually, we do this with customer data all the time in our REST APIs. Learn how Spring Security simplifies OAuth 2.0 and helps close these security gaps.
REST APIs need to be good data stewards. To achieve that, it is fundamental to know who is asking you for data and whether their request is authorized. Spring Security is here to help. In this course, Securing Spring Data REST APIs, you will gain the ability to authenticate and authorize REST APIs in Spring. First, you will learn where HTTP Basic is helpful and not so helpful. Next, you will discover OAuth 2.0 and Bearer Token Authentication using JWTs and Opaque tokens, and how to map these to granted authorities. Finally, you will explore how to manage token ingress and egress using CORS, BFF, API Gateway, and other patterns. When you are finished with this course, you will have the skills and knowledge of Spring Security needed to secure REST APIs.
Author Name: Josh Cummings
Author Description:
Like many software craftsmen, Josh eats, sleeps, and dreams in code. He codes for fun, and his kids code for fun! Right now, Josh works as a full-time committer on Spring Security and loves every minute. Hailing from Salt Lake City, Utah, Josh loves to hike and be in the outdoors when he’s not hacking away at some new Java library. He also loves to juggle, especially on every third Saturday in June. Application Security holds a special place in his heart, a place diametrically opposed to and cos… more
Table of Contents
- Course Overview
1min - Authorizing REST API Requests with HTTP BASIC
22mins - Authorizing REST API Requests with JWT
29mins - Authorizing REST API Requests with Opaque Tokens
16mins - Securing a Multi-tenant REST API
17mins - Securing Ingress and Egress
14mins
User Reviews
Be the first to review “Securing Spring Data REST APIs”
Related Products
Cisco CyberOps: Exploring Security Concepts
Cybersecurity concepts are fundamental pieces of knowledge necessary to have a career in the industry. This course will explore security concepts to ensure that a solid foundation is laid for future knowledge.
The IT Ops Sessions: Zero Trust Technologies – Designing and Deploying Microsegmentation
In this IT Ops session, you’ll learn to design and deploy microsegmentation throughout your enterprise.
Maintaining Deployment Security in Microsoft Azure
This course identifies the resources, tools, and methods needed to maintain the security of your deployed resources in Azure.
Implementing Host Security in Microsoft Azure
This course identifies the resources, tools, and methods needed to secure hosts in Azure as well as hosts connecting to Azure.
Cryptography Fundamentals for Developers and Security Professionals
Cryptography ensures confidentiality and authenticity of digital documents. The mathematics behind cryptography show us why, and how far, it can be trusted.
Collection with PowerSploit
In this course, we'll explore the language of logic and deductive reasoning. Completing this course will grant you the knowledge needed to make better decisions.
There are no reviews yet.