Senthilkumar Gopal is a technology leader with more than 10 years of experience working in eCommerce, Banking and Insurance technology solutions. He has extensive working experience with server side technologies such as Spring MVC and J2EE as well as client side technologies for developing Single Page Applications based on Responsive Web Design guidelines. He has been designing applications with architecture consistency and high performance guidelines, coding standards and principles using standard design patterns and service oriented application design.
Currently he leads Identity Infrastructure products with Identity Linking Platform, OAuth Specification and Secure Token Authentication systems which form the critical platform components of flows such as checkout, search etc.,
When it about converting business requirements to code, there are hundreds of best practices and frameworks available for developers to refer to. However, when it is about security for APIs, it is a well guarded secret on how does internet giants tackle their API security. What are there best practices. There are very few in this space who can ascertain to the credibility of their API and Identity assertion systems. This talk targets the uncertainty around the functioning and utility of tokens in an API security landscape. It addresses the basic needs of a token infrastructure and what would it take to build one. This talk aims to help developers embrace security and identity as part of their tool chain and remove the skepticism around building their own API security. The developers should be able to use this discussion as a launchpad for building their own API authentication systems. This is a unique talk as many companies closely guard the secret of how their token infrastructure functions.
|Ten Steps for Token based API Security||API World||September 2018|