Secure APIs by using OAuth 2.0

This tutorial shows you how to implement OAuth 2.0 schemes that are available in IBM API Connect to secure an API.
IBM API Connect provides two implementation modes, each of which provide different OAuth 2.0 schemes:
Confidential mode. A Confidential mode is suitable when an application is capable of maintaining the secrecy of the client secret. Use confidential mode when an application is capable of maintaining the secrecy of the client secret. This is usually the case when an application runs in a browser and accesses its own server when obtaining OAuth access tokens. As such, these schemes make use of the client secret. In the Confidential mode, we have three OAuth schemes: Application, Password and Access code.

Public mode. A Public mode is suitable when an application is incapable of maintaining the secrecy of the client secret. This is usually the case when the application is native on a computer or mobile


Original URL: https://developer.ibm.com/tutorials/securing-apis-oauth2-api-connect/

Original article

Proudly powered by WordPress | Theme: Baskerville 2 by Anders Noren.

Up ↑

%d bloggers like this: