avatar-phill-edwards.jpg Phillip Edwards

All Posts by Phillip Edwards

Building and Securing a Go and Gin Web Application

Today, we are going to build a simple web application that implements a to-do list. The backend will be written in Go. It will use the Go Gin Web Framework which implements a high-performance HTTP server. The front end will use the Vue.js JavaScript framework to implement a single page application (SPA). We will secure it using Okta OAuth 2.0 authentication. Let’s get started! PS: The code for this project can be found on GitHub...

Read more

API Key Best Practices and Examples

When you’re using a REST API, especially one that incurs costs or has usage limits, you need to use an API key to access the API in question. For example, if you’re creating a user account with the Okta API, you’ll need to include your API key in that request for it to succeed. Because API keys grant access to API calls which may change important data or incur significant charges. It is therefore important...

Read more

Offline JWT Validation with Go

Modern authentication systems use and generate JSON Web Tokens (JWT). There are many different ways that JWTs are used but, in this post, we will concentrate on JWTs that are used as OIDC access tokens. When a user successfully logs in to an application using a service like Okta, an OIDC access token is generated in the form of a JWT. That token can be passed in requests to the backend. The backend can then...

Read more

The Definitive Guide to WSGI

Python has a number of different frameworks for building web applications. The choice of framework limits the choice of available web servers. Java also has a number of web frameworks but they are all based on the common servlet API which means that any framework can run on any web server which supports the servlet API. You’ve probably seen WSGI mentioned before, but you might not be exactly sure what it meant or did. In...

Read more