Friday 

Room 1 

16:20 - 17:20 

(UTC+11

Talk (60 min)

Demystifying Web API Security in Azure

Building APIs can be easy, but securing them is hard. We have external and internal applications, APIs, users, and more. Each might use a different authentication and authorization strategy, depending on customer and system needs. The stakes are high and there is no margin for error! In this talk, we’ll look at the different categories of applications and users, and what possibilities we have for securing them. We’ll also look at what Azure provides for securing internal users and applications, and an external provider such as Auth0 for external users and applications. We’ll also cover different authentication and authorization strategies, and how we can map these to our various communication scenarios. Finally, we’ll look at a full end-to-end example using .NET 5 and Azure, building out a playbook for the common and not-so-common scenarios we encounter.

Jimmy Bogard

Jimmy is the creator and maintainer of the popular OSS libraries AutoMapper and MediatR, and the originator of Vertical Slice Architecture. Jimmy is an independent software consultant based in Austin, TX. Jimmy has received the "Microsoft Most Valuable Professional" (MVP) award every year since 2009.