GraphQL Asia - Bengalaru, India - February 20-22, 2020

Hey everyone! I’ll be at GraphQL Asia and would love to meet you!

Talk Title: Becoming a “Secret” Agent: Securing Your GraphQL Backend with JWTs
Talk Description: Are you confused about how authentication and authorization relate to your GraphQL API? You’re not alone! It’s no secret that learning auth is hard enough on its own, let alone while trying to understand how it fits with GraphQL. Let’s demystify authentication with some practical teaching on how to use JSON Web Tokens (JWTs) to add authentication to your GraphQL APIs! We’ll first shed light on some auth terminology and talk about the problem of delegated access. We’ll also discuss options to consider when choosing an authorization strategy and whether any considerations need to be made for using your GraphQL backend with a frontend on the same server versus on an external server along with multiple APIs. We’ll then step through how to handle authorization in your GraphQL server, including several options for handling access to protected data. This talk will use JavaScript examples, but the principles will apply to other backend technologies. By the end, you’ll feel a whole lot better about tackling auth in GraphQL!

I’ll post slides and resources here after the event!

Thank you GraphQL Asia for having me!

Here are my slides:

I’ve also got a pile of resources I used to build this talk:

Feel free to reach out any time to me on Twitter.


1 Like

Awesome Talk! Really insightful

Thank you so much @abhi. It was great getting to meet in person. And welcome to the Auth0 Community! :tada: