API Tech Talk: Common OAuth Security Mistakes & Threat Mitigations

Mitigate common threats to enterprise-level OAuth implementations

With vulnerabilities surfacing in the OAuth implementations of popular service providers like Yammer, Instagram and Facebook, it would be hard to blame anyone for getting the impression that there are fundamental security flaws in the OAuth protocol.

In this interactive online session, originally broadcast live as part of the Layer 7 Technologies API Tech Talk series, guest expert Francois Lascelles of Layer 7 discusses the common security mistakes made in OAuth implementations and explains how to mitigate common threats.

Viewer questions answered in this Tech Talk include:

  • Do I need to do something on top of OAuth to prevent phishing attacks?
  • What can you do about client secrets being compromised?
  • Can OAuth be used for authorizing cloud applications implementing Big Data solutions?