Side-channel attacks • “The consumer_secret is mandatory (kudos to Twitter) but hackers broke into the Buffer’s GitHub database (where the string was hard coded in the source code) and took it!” http://security-architect.blogspot.com/2013/11/oauth- protected-access-at-facebook-and.html
Enforcement API Versioning OAuth Token Roaming GeoIP Filtering Car API Security 11Y7pXE5FwLtUnOQRpy yxRn9h4p4ctvOuNkVyr EsvtO6vnAdrkXlEczS4 OAuth 2.0 Token scopes[] Grants access Issued for application Identifies user OAuth 2.0 in Action
April 3 Simon Redfern, Open Bank Project "Bank as a platform, transparency as an asset. How the Open Bank Project enables an innovation ecosystem". Menno Abbink, Essent “Powering the Hybrid Cloud – How APIs enable Cloud to Ground IT Integration” Register at benelux.axway.com OAuth 2.0, WebSockets, SAML, API Keys