This week, we have a vulnerability in the BrewDog mobile app exposing users’ PII courtesy of hard-coded bearer tokens, Cisco has announced the arrival of their APIClarity at KubeCon 2021, F5 has published a report on API attacks in Open Banking, and finally, there’s a mega-guide on API security best practices.
Token Based Security: Angular Applications, Part 3
Introduction
In the previous post of this series, we configured our Angular application as a client of IdentityServer and completed the login/logout process.
However, even though the user was logged in, the REST API calls were still not authorized: