Engineering the Future of Software
29–31 Oct 2018: Tutorials & Conference
31 Oct–1 Nov 2018: Training
London, UK

Securing APIs in a microservice architecture

Rob Wilson (SailPoint Technologies)
16:5017:40 Monday, 29 October 2018
Location: King's Suite - Sandringham
Secondary topics:  Best Practice
Average rating: ****.
(4.50, 4 ratings)

Who is this presentation for?

  • Enterprise architects, software architects, and security architects

Prerequisite knowledge

  • A basic understanding of APIs, OAuth, and JSON Web Tokens

What you'll learn

  • Learn a practical model for securing microservice APIs


Microservices have quickly become a popular way to develop software systems. But as organizations implement production systems based on microservices, they are recognizing the importance and complexity of securing microservices. Luckily, there are a number of techniques for controlling access to web APIs in a microservice architecture, including network controls, cryptographic methods, and platform-based capabilities.

Rob Wilson shares techniques for securing microservice APIs and offers an overview of the DHARMA model, a practical multiplatform model that you can use for securing your own microservice environments, as outlined in Securing Microservice APIs, a report he coauthored with Matt McLarty and Scott Morrison. The DHARMA model can be implemented on any platform or across multiple platforms in order to provide cohesive security over a network of microservices. Rob concludes by explaining how to extend the DHARMA model to include other types of microservice APIs.

Photo of Rob Wilson

Rob Wilson

SailPoint Technologies

Rob Wilson is a senior sales engineer at SailPoint Technologies. Rob has been working in the field of information technology for over 20 years. He enjoys working on complex and diverse issues where the analysis of situations requires an in-depth evaluation of numerous factors, as well as ingenuity and originality to solve, and has helped a number of organizations on their API and microservices strategies. He is the coauthor of Securing Microservice APIs with Matt McLarty and Scott Morrison. Rob holds a bachelor of technology management from Memorial University and a master of science in information technology from the University of Liverpool. When not working with clients, he enjoys outdoor activities with family, gaming, and having lively and engaging conversations.