Building APIs for developers with Identity Server 4

You might be thinking "Duh, all APIs are for developers", but the reality is when it comes time to expose our API to third party developers, there are a few important security and logistical problems to conquer that you might not think about before hand. In this talk we take a look at the best way to protect your API using Identity Server 4 and walk through all the configuration you'll need to get third party devs up and running in no time.

Specifically we'll cover:

  • API first development and designing your API with third party developers in mind
  • Setting up Identity Server 4 with a basic real-world configuration
  • Protecting our API using JWTs and Bearer Authentication
  • Controlling access to API endpoints based on authentication policies