Extended Security with WSO2 API Management Platform
- Mohamed Usama Mansoor
- Lead - Revenue Operations - WSO2
Exposing services via APIs is a powerful mechanism that increases the productivity of an enterprise and fosters developers’ innovation. When deciding on whether to expose an API to a trusted subset of users or to the larger outside world, security is a key aspect. While protecting APIs using API keys is a basic feature of any API management platform, advanced features such as single sign on for the developers portal, fine grain authorization for APIs access or supporting social logins are equally important but supported by a few.
In this webinar we will take a look at how the WSO2 API Management platform addresses those needs. Uvindra Jayasinha, senior software engineer at WSO2 will discuss the following:
- Best practices when requesting OAuth2.0 Access Tokens (including understanding the available grant types)
- Adding SAML based Single Sign On (SSO) capabilities to API management and leveraging SAML2 Bearer Tokens to request OAuth2.0 Access Tokens
- Federated identity: How to use a third-party identity provider with API Manager
- How to enforce fine-grained entitlement policies at the API management layer
- Allow external systems to take decisions based on API user's attributes