Challenge: Securing APIs

Practice defining an API in Auth0 and collect access control parameters by updating our Credit-Check service.

We'll cover the following...

Exercise
Defining the API in Auth0 and collecting access control parameters
Updating the credit-check-secure Node.js project
Testing your API security

Exercise

For this exercise, you’ll define an M2M identity in Auth0 for your credit-check service and then update your code to support access control using OAuth and JWTs. Along the way, you’ll use the security bash scripts to request a valid JWT and then use it to make secured requests of your updated credit-check service.

Defining the API in Auth0 and collecting access control parameters

First, sign into the Auth0 website and define or create a new API called bigco-credit-check. Then collect the five important access control parameters

...

Introduction

Understanding HTTP, REST, and APIs

Modeling APIs

Designing APIs

Describing APIs

Sketching APIs

Prototyping APIs

Building APIs

Build a Rest API for an Image-Sharing App With Node.js

Testing APIs

Securing APIs

Deploying APIs

Deploying a Web Application to Heroku Using CLI

Modifying APIs

Some Parting Thoughts

Appendixes

Challenge: Securing APIs

Exercise

Defining the API in Auth0 and collecting access control parameters