Erwin van den Bogaard - Mastering API Security: Direct Calls in Azure Microservices Made Easy

In today’s microservices architectures, securing API communications is crucial. Authentication and authorization are essential components that cannot be missing from any modern application. In this session, we’ll explore how Managed Identity can be employed in a way similar to how RBAC assignments work, specifically designed to secure our own API calls within the microservices architecture. We’ll also discuss how to implement App Registrations for API authentication and authorization, using Managed Identity to determine access permissions for server-to-server API calls. You’ll learn how to leverage Azure’s built-in features to secure your APIs, ensuring only authorized services can make calls without user interaction. We’ll share practical examples from our own experiences, demonstrating how these concepts can streamline your API security while operating entirely within the Azure ecosystem. What you'll gain: • Understand how to use Azure App Registrations for effective API authentication and authorization. • Learn how Managed Identity facilitates secure server-to-server API calls in a microservices architecture. • Explore practical examples of securing internal API communications within Azure. #futuretech #dotnet