Articles tagged with scopes
When building an API, sooner or later you’ll have to secure it with some kind of authentication schema. There are many industry-standard solutions available - JWTs, sessions, OpenID... Then, after implementing one you'll feel satisfaction - your API is secured! That is until one of your customers gains access to another's data. Uh-oh. You forgot the authorization - again!