Securing Your GraphQL Backend with JWTs: Talk Resources

Thanks for checking out my talk “Becoming a Secret Agent: Securing Your GraphQL APIs with JWTs.” I hope you found it helpful!

You can find the most recent (2021) version of the slides up on Speakerdeck here.

Here’s the recording of the previous version of this talk I gave at GraphQL Asia 2020:

I’ve also got a fullstack example of this using Apollo and Auth0 you can check out, too:

• Habit Tracker: Apollo + Auth0 Fullstack Example

Lastly, here’s a pile of resources I used to build this talk:

• Hasura: JWTs on the Frontend
• Dotan Simha: Authentication and Authorization in GraphQL (and how GraphQL-Modules can help)
• Ryan Chenkie: Handling Authentication and Authorization in GraphQL
• Kim Maida: Standards-based authentication for JavaScript sites
• Ryan Chenkie: Supercharge Your Schemas with Custom Directives
• Sam Bellen: Knock knock, who’s there? Authenticating your single page apps using JSON Web Tokens
• Auth0’s Learn Identity with Vittorio Bertocci
• GraphQL Patterns Podcast: Authorization
• Auth0 Node QuickStart
• Roy Derks: Build and Secure a GraphQL Server with Node.js
• node-jsonwebtoken
• Hasura Docs: JWT Auth
• GraphQL Modules Docs: Resolvers Composition
• Auth0 Docs: JWKS
• express-jwt
• graphql-middleware
• Prisma Blog: GraphQL Middleware
• GraphQL Spec: Directives
• Apollo Docs: Schema Directives

If you’d like to keep in touch, follow me on Twitter and sign up for my Developer Microskills newsletter below.