OAuth 2.1: The Future of API Auth

A talk given by Rob Allen from Nineteen Feet Limited at the 2025 Platform Summit in Stockholm, Sweden. OAuth 2 is the gold standard for authentication in APIs and is currently being updated to version 2.1. In this talk we’ll dive into how it works and what’s different from OAuth 2.0. OAuth 2.1 consolidates and simplifies OAuth 2.0 along with bringing the best practices that have evolved since 2.0’s release into the main standard. I’ll discuss how the Authorization grant type has evolved with PKCE to make it the best for nearly all clients, and also cover the best practices to use today in order to secure your API. By the end of this session, you’ll be well prepared for the future of API security. Call for speakers for Platform Summit 2026 open - apply now: https://nordicapis.com/call-speakers/ Check the Nordic APIs website and blog: https://nordicapis.com/