Securing an API by using OAuth 2.0
In this tutorial by IBM, you will learn how to use OAuth 2.0 to secure an API to ensure that so that an application can access the API on a user's behalf using IBM’s API Connect Version 5.0.7.
About the tutorial
After creating the Branches API in the previous tutorial, you will learn to modify the security settings to allow a calling application to use the OAuth 2.0 to access the API on a user’s behalf without their password. This tutorial is divided in the following lessons:
- Choosing your OAuth Scheme (and establishing whether your implementation will be confidential or public)
- Creating an OAuth 2.0 provider API
- Configuring the API Security Scheme
- Acquiring an access token for your chosen scheme
- Using the access token
After completing the tutorial, you will be able to implement and test any of the following six OAuth schemes:
- implicit flow
- application flow
- confidential password flow
- public password flow
- confidential access code flow, and
- public access code flow
Requirements
In order to follow this tutorial, it is necessary to complete the previous tutorials in sequence.
Learning content
Website link
Target audience
Digital skills for ICT professionals and other digital experts.
Digital skill level
Geographic scope - Country
Austria
Belgium
Bulgaria
Cyprus
Romania
Slovenia
Croatia
Czech republic
Denmark
Estonia
Finland
France
Germany
Greece
Hungary
Italy
Ireland
Malta
Latvia
Lithuania
Luxembourg
Netherlands
Portugal
Poland
Sweden
Spain
Slovakia
Albania
Belarus
Bosnia and Herzegovina
Canada
Iceland
Israel
Japan
Kosovo
Montenegro
Morocco
North Macedonia
Norway
Serbia
Switzerland
South Korea
Russia
Tunisia
Turkey
Ukraine
United Kingdom
USA
Log in to comment
