API Authorization Patterns for Securing Distributed Microservices at Scale

Revisit one of our sessions from API Summit 2024!

Congratulations! You've implemented centralized authentication for all of your APIs. Have you considered the next step? How do you enforce robust authorization patterns for all your resources in a distributed microservices environment? In this session, we'll dive into the world of API authorization enforcement patterns specifically tailored for distributed microservices architectures, focusing on HTTP APIs. We'll explore various strategies to ensure that only the right users have access to the right resources, all while maintaining the scalability and performance of your system.

We'll discuss key authorization patterns such as role-based access control (RBAC), attribute-based access control (ABAC), and policy-based access control (PBAC), alongside a case study of our Kong Konnect cloud platform that highlights the challenges and solutions in this domain. Expect practical examples and a few surprises as we navigate the complexities of securing your microservices.

Join us for an insightful journey into API authorization, and leave with practical knowledge to enhance the security and scalability of your distributed applications.