API Tokens: A Tedious Survey
This article discusses various token-based authentication methods used in APIs and provides an overview of their pros and cons. The author covers simple random tokens, platform tokens, OAuth 2.0, JSON Web Tokens (JWT), PASETO, Protobuf Tokens, authenticated requests, Facebook's CATs, Macaroons, and Biscuits. The article emphasizes the importance of choosing the right token format based on specific use cases and requirements. It also highlights some common pitfalls and vulnerabilities associated with these methods.
Company: Fly.io
Date published: Aug. 24, 2021
Author(s): Thomas Ptacek
Word count: 4501
Hacker News points: 387
Language: English