OAuth 2.1: The Future of API Auth

A talk given by Rob Allen from Nineteen Feet Limited at the 2025 Platform Summit in Stockholm, Sweden. OAuth 2 is the gold standard for authentication in APIs and is currently being updated to version 2.1. In this talk we’ll dive into how it works and what’s different from OAuth 2.0. OAuth 2.1 consolidates and simplifies OAuth 2.0 along with bringing the best practices that have evolved since 2.0’s release into the main standard. I’ll discuss how the Authorization grant type has evolved with PKCE to make it the best for nearly all clients, and also cover the best practices to use today in order to secure your API. By the end of this session, you’ll be well prepared for the future of API security. Call for speakers for Platform Summit 2026 open - apply now: https://nordicapis.com/call-speakers/ Check the Nordic APIs website and blog: https://nordicapis.com/

Join Today
[Session] Intro to OAuth for MCP Servers with Aaron Parecki, Okta
▶︎

[Session] Intro to OAuth for MCP Servers with Aaron Parecki, Okta

Building a Killer API Program That Drives Growth
▶︎

Building a Killer API Program That Drives Growth

OpenTelemetry Automatic Instrumentation • Steve Flanders • Devoxx Poland 2024
▶︎

OpenTelemetry Automatic Instrumentation • Steve Flanders • Devoxx Poland 2024

Microservices vs. Monoliths: How to Choose the Right Architecture for Your Business
▶︎

Microservices vs. Monoliths: How to Choose the Right Architecture for Your Business

Passkeys Explained: Are They Actually Better Than Passwords?
▶︎

Passkeys Explained: Are They Actually Better Than Passwords?

Turing Award Winner: Disagreeing with Google, Postgres, Future Problems | Mike Stonebraker
▶︎

Turing Award Winner: Disagreeing with Google, Postgres, Future Problems | Mike Stonebraker

OAuth 2.1 Explained: The Complete Guide for Developers (Go & Keycloak)
▶︎

OAuth 2.1 Explained: The Complete Guide for Developers (Go & Keycloak)

An Illustrated Guide to OAuth and OpenID Connect
▶︎

An Illustrated Guide to OAuth and OpenID Connect

7 Authentication Concepts Every Developer Should Know
▶︎

7 Authentication Concepts Every Developer Should Know

API Monetization in the AI Era
▶︎

API Monetization in the AI Era

MCP Client OAuth Is Simpler Than You Think
▶︎

MCP Client OAuth Is Simpler Than You Think

OAuth 2.0 and OpenID Connect (in plain English)
▶︎

OAuth 2.0 and OpenID Connect (in plain English)

A Decade of Open Policy Agent
▶︎

A Decade of Open Policy Agent

A Developer's Guide to SAML
▶︎

A Developer's Guide to SAML

Why The Russian Accent Terrifies Everyone
▶︎

Why The Russian Accent Terrifies Everyone

From Data Bridges to Data Breaches: Understanding API Security
▶︎

From Data Bridges to Data Breaches: Understanding API Security

How to Think So Clearly People Assume You’re A Genius
▶︎

How to Think So Clearly People Assume You’re A Genius

Something is jamming GPS over Europe. Here's what we found
▶︎

Something is jamming GPS over Europe. Here's what we found

#PKCE explained - Proof Key for Code Exchange for #OAuth2 Authz Code Grant | Niko Köbler (@dasniko)
▶︎

#PKCE explained - Proof Key for Code Exchange for #OAuth2 Authz Code Grant | Niko Köbler (@dasniko)

🚗 BYD : The biggest SCAM of the car industry ?
▶︎

🚗 BYD : The biggest SCAM of the car industry ?