Security, Authentication, Authorization and SSL
Different ways to implement Security, Authentication, Authorization and SSL
Keycloak authorization server
- to secure the communication between services
- Identity and Access management
- Single Sign-on
OAuth2
- Delegated authorization with access token
OpenID Connect
- Authentication with ID Token
Bearer Tokens
- https://swagger.io/docs/specification/authentication/bearer-authentication/
- https://oauth.net/2/bearer-tokens/#
A bearer token grants access to whoever bears it: anybody who has this access_token has access to the API (and so to the data). There is no further authorization within a bearer token. Bearer tokens are considered secure because they are valid only for a limited time. If someone gets hold of a bearer token and is able to use it, they can use it only for one hour before it expires.
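The check a resource server applies to a bearer token, as an added example (not code from the original page or from Keycloak): any caller presenting a validly signed, unexpired token is accepted, and the same token is rejected once its one-hour lifetime has passed. Assumptions: HS256 with a constructed shared secret so that it runs on the standard library alone, and the hypothetical names `issue_token` and `check_bearer`; a real deployment would verify the token against the authorization server's keys.

```python
import base64, hashlib, hmac, json

SECRET = b"constructed-demo-secret"  # assumption: HS256 shared key, demo value only
LIFETIME = 3600                      # the one-hour validity the text mentions

def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def _sign(signing_input: str) -> str:
    return _b64(hmac.new(SECRET, signing_input.encode(), hashlib.sha256).digest())

def issue_token(subject: str, now: int) -> str:
    """Stand-in for the authorization server: mint a signed, expiring token."""
    header = _b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    claims = _b64(json.dumps({"sub": subject, "iat": now, "exp": now + LIFETIME}).encode())
    return f"{header}.{claims}.{_sign(header + '.' + claims)}"

def check_bearer(authorization: str, now: int) -> tuple[bool, str]:
    """Resource-server check: returns (allowed, subject or rejection reason)."""
    scheme, _, token = authorization.partition(" ")
    if scheme.lower() != "bearer" or token.count(".") != 2:
        return False, "malformed Authorization header"
    header, claims, signature = token.split(".")
    # Verify the signature (constant-time) before trusting any decoded content.
    expected = _sign(header + "." + claims)
    if not hmac.compare_digest(signature.encode(), expected.encode()):
        return False, "bad signature"
    try:
        if json.loads(_unb64(header)).get("alg") != "HS256":
            return False, "unexpected alg"
        payload = json.loads(_unb64(claims))
    except ValueError:
        return False, "undecodable token"
    # The token says nothing about who is presenting it; only exp limits its use.
    if not isinstance(payload.get("exp"), int) or now >= payload["exp"]:
        return False, "expired"
    return True, payload.get("sub", "")

if __name__ == "__main__":
    t0 = 1_700_000_000  # constructed timestamp
    header_value = "Bearer " + issue_token("alice", t0)
    print(check_bearer(header_value, t0 + 60))    # accepted for any holder of the header
    print(check_bearer(header_value, t0 + 3600))  # rejected once exp is reached
```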