From the Cambridge Analytica scandal to the recent SingHealth cyber attack, data security continues to be a hot topic around the world.
APIs are in no way immune to these concerns – if anything, an understanding of the importance of API authentication and authorisation is critical to ensuring your API and API users are safe and secure.
For the latest API Craft Singapore meet-up, David Garvey, APAC Technical Director at Tyk, explained why API management and identity management are ideal partners as part of a robust API programme.
And, for those who missed out, Engineers.sg were on hand to film it for us!
After giving a brief overview of authentication approaches for different use-cases, Dave took members on a a deep-dive walkthrough of how Tyk’s API Gateway, Management Platform, and Dev Portal work with Okta Identity Provider.
Watch the full presentation above. Demonstrations can be found at the following points:
- Using OAuth with Github to generate an API Token (31:05)
- Secure a Tyk Dashboard Admin User Login with Open ID Connect & Okta (38:49)
- Secure a Tyk Portal Developer Login with Open ID Connect & Okta (46:27)
Additional resources
- A step-by-step guide on how to implement Single Sign On (SSO) with Tyk and Okta
- Livecast: Choosing the right authentication method for your microservices
- Blog: How we added Single Sign On (SSO) functionality to our Tyk API Gateway
