Tomasz Kowalczyk
Software consultant with over 15 years of experience in the web applications industry. Functional Programming enthusiast pursuing the ultimate goal of software quality and maintainability. An author of several open-source libraries. Provides well-designed and open solutions to technical problems.
Montreal 2024 sessions
API lessons learned
English session - Intermediate
Working with APIs? Great! Did you have to solve surprisingly similar issues in different projects? Did project complexity force you to break the established guidelines for structure, filtering, validation, or pagination? How often have your endpoints, versioning, and evolution stood the test of time? Let's talk about the real examples of solutions I implemented in various APIs. Smile at changing requirements thinking - I've got it!
Towards the better API security
English session - Intermediate
Do you know how to secure your APIs? Tokens alone are far from enough. Automated direct access to the application business logic allows whole new classes of attack vectors and vulnerabilities - data extraction, impersonation, rogue access, and more. You can deploy countermeasures like elevated access requirements, multi-factor auth, response limits, etc. Let's explore both sides of that coin to let you properly design security for your APIs.
