Need help with your APIs? I offer API discovery, governance & evangelism services. Explore services →
API Evangelist API Evangelist
Learnings
Guidance
Toolbox
Alignment
API Evangelist LLC

JWT (Authentication)

Require JWT usage meets standards set by authentication policies.

Strategies

API Authentication Is Standardized

All APIs must use standardized authentication mechanisms including OAuth, JWT, and API keys with properly defined scopes, ensuring that security is consistently implemented and that consumers have ...

API Authorization Is Properly Defined and Enforced

All APIs must have clearly defined authorization models that control what authenticated consumers can access and perform, using role-based or attribute-based access control to ensure that permissio...

Lifecycle

key Authentication Develop

Authentication is where access begins. Keys, OAuth, JWT, and mTLS each make sense in different contexts, and I pick the approach that fits the consumer and the risk. Getting authentication right is...