Dave Westerveld explains OAuth tokens and gives examples of using them.
- [Narrator] OAuth 2 has become a very common way…to secure API calls.…You've probably already been exposed to it…when you've used those sign in with Google…or Facebook or Twitter options on an application.…Those kind of applications typically use OAuth 2 workflows…to authorize the application.…We won't dig into all the details on this,…but let's at least get a basic understanding of it.…In OAuth 2, there are usually…three different pieces involved.…The first piece is the application that you're using.…Once you tell the application that you want to use OAuth,…it will send a request to the Auth server.…
And in essence this request says to the server,…"Hey, I'm Dave, and here's my password."…The server sends back a token that can be used…to authenticate and authorize you.…So this token can then be used in API calls…to the server itself or to the web service.…Essentially what you're doing at that point is saying…"Hey, here's my token that says that I am"…"who I say I am, and that allows me to do"…"the actions that it allows me to,"…
Author
Dave Westerveld
Released
11/9/2018- Reviewing API terminology
- Mitigating risks related to testing APIs
- Mapping out the layout of an API
- API authorization and authentication
- Finding and using bearer tokens
- Testing GET, POST, PUT, and DELETE calls
- Using mocks, stubs, and fakes in API testing
- Testing microservices and the Internet of Things
Skill Level Intermediate
Duration
Views
-
Introduction
-
1. Understanding Web Services and APIs
-
Introduction to web services2m 37s
-
Types of APIs3m 38s
-
Exercise: Map your app3m 15s
-
-
2. Getting Started with API Testing
-
Your first tool: Postman3m 35s
-
Exploring an API5m 18s
-
Challenge: Map the API1m 18s
-
Solution: Map the API4m 58s
-
-
3. API Authorization
-
Using OAuth tokens3m 28s
-
4. Hands-on API Testing
-
Testing GET calls4m 31s
-
Challenge: Find the secret2m 47s
-
Testing POST calls5m 34s
-
Testing PUT calls5m 20s
-
Testing DELETE calls3m 12s
-
Challenge: Find the 5003m 54s
-
Solution: Find the 5004m 22s
-
-
5. Additional API Testing Considerations
-
API automation4m 50s
-
Performance testing4m 18s
-
Security testing3m 16s
-
Conclusion
-
Next steps3m 1s
-
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.
Share this video
Embed this video
Video: Using OAuth tokens