OAuth 2 is the gold standard for authentication in APIs and in this talk I took a deep dive into how it works and how to implement an OAuth 2 server in your API. There are a number of work flows in OAuth 2 for different scenarios including mobile apps and websites connecting via JavaScript, so I looked at each one and showed how to implement the password and client credentials grant types.
Presented at Sunshine PHP, February 2018