Home / Companies / Cloudflare / Blog / Post Details
Content Deep Dive

Protecting APIs with JWT Validation

Blog post from Cloudflare

Post Details
Company
Date Published
Author
John Cosgrove
Word Count
1,953
Company Posts That Month
45
Language
English
Hacker News Points
-
Post removed?
No
Summary

Cloudflare has introduced a new feature that allows its customers to protect their APIs from broken authentication attacks by validating incoming JSON Web Tokens (JWTs) with API Gateway. This update addresses four main feature requests and includes support for the Bearer token format, multiple JWKS configurations, validation of JWTs sent in cookies, and exclusion of any number of managed endpoints in a JWT validation rule. Broken authentication is the top threat on the OWASP Top 10 and the second-highest threat on the OWASP API Top 10. JSON Web Token Validation in API Gateway enforces a positive security model for authenticated API users, helping to prevent these attacks.

Trends Found in this Post
Trend Post Mentions Total Month Mentions Posts Companies MoM
Secrets Management 2 429 73 42 -43%
Zero Trust 1 166 38 16 -36%
Use This Data

Use this post, company, and trend context to find content marketing opportunities, perform competitive analysis, or address product feature gaps via the Plushcap MCP server or the Plushcap API.