Engineering the Future of Software
Feb 25–26, 2018: Training
Feb 26–28, 2018: Tutorials & Conference
New York, NY

API security in a microservice architecture

Matthew McLarty (MuleSoft)
3:50pm–4:40pm Wednesday, February 28, 2018
Secondary topics:  Best Practice, Overview
Average rating: ****.
(4.17, 12 ratings)

Who is this presentation for?

  • Software architects, solution architects, enterprise architects, security architects, and development leads

Prerequisite knowledge

  • A basic understanding of microservices and web APIs

What you'll learn

  • Learn techniques for securing microservice APIs


Microservices have taken the software architecture world by storm. Initially driven by a desire for increased delivery velocity and greater scalability, organizations are now recognizing the importance and complexity of securing their microservices. Matt McLarty shares techniques for securing microservice APIs and a practical model you can implement in your organization.

Topics include:

  • An approach to visualizing multicloud microservices systems
  • Available techniques for securing microservice APIs, including PKI, network-based solutions, platform capabilities, credentials, and tokens (OAuth, JWT, OpenID Connect)
  • An approach to access control for microservice APIs
Photo of Matthew McLarty

Matthew McLarty


Matt McLarty (@mattmclartybc) leads API Strategy for MuleSoft, a Salesforce company. He works closely with organizations to design and implement innovative, enterprise-grade API and microservices solutions. An experienced software architect, Matt has worked extensively in the field of integration and real-time transaction processing for software vendors and clients alike. He has coauthored Microservice Architecture and Securing Microservice APIs for O’Reilly.