/plushcap/analysis/fly-io/api-tokens-a-tedious-survey

API Tokens: A Tedious Survey

What's this blog post about?

This article discusses various token-based authentication methods used in APIs and provides an overview of their pros and cons. The author covers simple random tokens, platform tokens, OAuth 2.0, JSON Web Tokens (JWT), PASETO, Protobuf Tokens, authenticated requests, Facebook's CATs, Macaroons, and Biscuits. The article emphasizes the importance of choosing the right token format based on specific use cases and requirements. It also highlights some common pitfalls and vulnerabilities associated with these methods.

Company
Fly.io

Date published
Aug. 24, 2021

Author(s)
Thomas Ptacek

Word count
4501

Hacker News points
387

Language
English


By Matt Makai. 2021-2024.