API Tokens: A Tedious Survey

This article discusses various token-based authentication methods used in APIs and provides an overview of their pros and cons. The author covers simple random tokens, platform tokens, OAuth 2.0, JSON Web Tokens (JWT), PASETO, Protobuf Tokens, authenticated requests, Facebook's CATs, Macaroons, and Biscuits. The article emphasizes the importance of choosing the right token format based on specific use cases and requirements. It also highlights some common pitfalls and vulnerabilities associated with these methods.