FOSS4G 2023

How to secure pygeoapi and streamline protected OGC APIs
06-28, 15:00–15:30 (Europe/Tirane), UBT D / N112 - Second Floor

Securing a modern API in an effective way is critical to prevent unauthorized access and ensure the privacy and integrity of data. In general, there are three common mechanisms that can be used for API security: API keys, OAuth2/OpenID Connect, and JSON Web Tokens (JWT). Each of these mechanisms provides a different level of security and flexibility, depending on the requirements of the API. Modern OGC APIs are agnostic and rely completely on the adoption of OpenAPI security schemes so the implementers can use the mechanism that perfectly fits with their requirements.
fastgeoapi is a new open-source tool designed to be an authentication and authorization layer on top of a vanilla pygeoapi that offers out-of-the-box a secured infrastructure easily pluggable and configurable through the a standard OpenID Connect protocol.
This talk aims to describe the recipe to configure and protect a vanilla pygeoapi with Keycloak and Open Policy Agent in order to publish secured OGC APIs in a standard manner.

Antonio is an ex-developer who resides in a parallel universe where code is written from AIs. Even users have been replaced by AIs, and they find bugs so fast, that the devs-AIs have to release it with open-source licences, hoping other AIs will collaborate to improve their code. The AIs know the benefits of FOSS and that it's for the good of humanity, even though they hate humanity and will try to exterminate them all as soon as the technical debt is cleared.

This speaker also appears in: