Nov 2024
42m 49s

Enhancing OAuth Security and Interoperab...

Software Engineering Daily
About this episode

FAPI is a refinement of the OAuth standard developed by the OpenID Foundation. It was conceived to solve a core problem of providing a consistent approach to API security across the financial industry, with the goal of enhancing interoperability of financial data exchange. It has now been adopted across many different industries in applications where there is an API that requires a heightened authorization security implementation.

Authlete is a service that provides a set of APIs to implement OAuth Authorization Servers and OpenID Connect identity providers, allowing either to be easily made FAPI-compliant.

Joseph Heenan is the CTO at Authlete, and he also leads the certification program at the OpenID Foundation. He joins the podcast with Gregor Vand to talk about the origins of FAPI, the motivations for its creation, the status of FAPI development, and more.

Full Disclosure: This episode is sponsored by Authlete.

Software Engineering Daily listeners can get a free 90-day trial of Authlete at https://authlete.com/sed

Gregor Vand is a security-focused technologist, and is the founder and CTO of Mailpass. Previously, Gregor was a CTO across cybersecurity, cyber insurance and general software engineering companies. He has been based in Asia Pacific for almost a decade and can be found via his profile at vand.hk.

 

Sponsorship inquiries: sponsor@softwareengineeringdaily.com

The post Enhancing OAuth Security and Interoperability Using FAPI with Joseph Heenan appeared first on Software Engineering Daily.
