REST security essentials
Aleksandar Radisavljević
Back-end Java Engineer
September 26th / 14:15 - 14:45
Ninja the Cat

Security should be an integral part of any development project and not an afterthought. This is also true for REST APIs. In this talk, we will try to show what the industry standards are for securing REST. We will uncover the pros and cons of the most popular security protocols, such as basic auth and OAuth 2.0. We will dig into stateful vs. stateless security implementations, as well as how to properly use JWTs and how you can use digital signatures to secure your APIs using HTTP signatures.


Aleksandar is from Belgrade, where he works as a back-end Java engineer at Endava. He has seven years of experience as a Java software engineer with a focus on APIs, micro-services and web security. In his spare time, he is an avid cyclist and is attempting to work on his electronics skills, mainly by fixing his sons’ broken toys.