Security with API: OAuth, token-based access vs key-based access

Let’s consider security with APIs, i.e how to securely identify the caller. There are two authentication methods quite popular in the cloud to secure APIs: Key-based access OAuth, or token-based access in general Let’s compare them. Key-Based By key-based we mean an authentication scheme where we do pass a key to the API request. That … More Security with API: OAuth, token-based access vs key-based access

Azure Functions HTTP – Authorization Levels

In a past article, we looked at Serverless compute in Azure in general and Azure Functions specifically. In this article we wanted to focus on Azure Function triggered by HTTP requests and the different options we have to authenticate: Anonymous Function Admin System User Those are called Authorization Levels.  For each function in a function … More Azure Functions HTTP – Authorization Levels

Web Socket Protocol

Web Socket is a new protocol, standardised in RFC 6455, attempting to bring the best features of HTTP & TCP together.  More specifically, it aims at being Connected & full-duplex (as TCP), allowing server to call-back clients and universal (as HTTP). This wasn’t done without pain.  Web Socket has a non-trivial handshake process, done over … More Web Socket Protocol