Skip to Content

This browser is no longer supported.

For the best WWT.com experience, please use one of our supported browsers.

Safari Logo Safari Chrome Logo Chrome Firefox Logo Firefox Edge Logo Edge
Search wwt.com...
Top Page Results

See all search results

Featured Solutions
What's trending
Help Center
Home
Solutions & Services
Solutions
Automation & Orchestration
Cloud
Data Center
Digital
Digital Workspace
ESG
Mobility
Networking
Security Transformation
See all Solutions
See all Solutions
Services
Application Services
ATC Lab Services
Consulting Services
Customer Success
Infrastructure Services
Mergers & Acquisitions
Strategic Resourcing
Supply Chain & Integration
See all Services
See all Services
Industries
Utilities
Financial Services
Global Service Provider
Healthcare
Life Sciences
Manufacturing
Oil & Gas
Public Sector
Retail
See all Industries
See all Industries
Partners
Cisco
Dell Technologies
HPE
NetApp
VMware
f5
Intel
Microsoft
Palo Alto
See all Partners
See all Partners
Learning & Support
ATC
Communities
Events
Labs
Research
About
Footer Links
Careers
Contact Us
Diversity & Inclusion
Locations
News
Sustainability
API Security ATC Elastic (ELK) Stack CI/CD Ansible F5 GitLab Infrastructure Automation DevOps Security Operations Cloudbees Elasticsearch Red Hat Automation & Orchestration Security Transformation
Video
•
201
views
•
6:15
•

January 27, 2022

API Security With OAuth2.0 Using JWT Tokens

The lab we will be discussing today demonstrates how to use the NGINX Controller API Management Module and NGINX App Protect to secure the OAuth Authorization Code flow, which is core to the Open Banking specifications.

NGINX App Protect will be deployed as an Ingress Controller for Kubernetes and will provide both negative and positive security by ingesting the OpenAPI declaration file. The NGINX API Gateway will be controlled by NGINX Controller, will publish the application API based on the same OpenAPI declaration file, will provide JWT authentication and authorization, and will enforce rate limiting. 

The deployment and configuration of these elements will be performed automatically through a CI/CD pipeline. ELK dashboards will be used for visualization purposes and, lastly, a DAST tool will also be run as part of the CI/CD pipeline. In separate instances, BIG-IP APM is deployed as both Authorization Server with OpenID Connect support and as OAuth Client.

Technologies

Contributors

User Profile Picture
Shoaib Mohammed Shahapuri
Technical Solutions Architect
© World Wide Technology. All Rights Reserved
  • About
  • Careers
  • Locations
  • News
  • Press Kit
  • Contact Us
  • Privacy Policy
  • Acceptable Use Policy
  • Quality
  • Information Security
  • Supplier Management
  • Cookies