Securing Your Serverless Endpoint with Webtask

We often dedicate a lot of time in crafting powerful APIs that interact with many different clients but overlook proper security measures that can come back to haunt us.In this talk, we'll look at the proper way to secure our API's with JSON Web Tokens. We'll go from learning what JSON Web Tokens are, why they're the driving force in API security, and to put theory into practice actually build a real-world implementation using Node.js and Angular where we'll show common best practices. Webtask allows you to build applications without thinking about infrastructure. Simply write your server-side logic, deploy your functions via the Webtask CLI, and access your serverless backend over HTTP.


2.Who am I? Md Shahbaz Alam Auth0 Ambassador, Auth0 Inc Mozilla Representative @mdsbzalam


4.Quick History

5.A typical Client-Server

6.Why still C-S Architecture? • Technology evolution has changed its application • Improved Hardware • Lack of Trust “ We still need a trust boundary between client and server to control access to shared data or functionality. “

7.Backend on Server A Typical Backend A Typical Server Room




11.Serverless: someone else’s servers

12. Examples ➔ WebTask ➔ AWS Lambda ➔ Azure Functions

13.From Backend to WebTask

14.From Backend to WebTask

15.From Backend to WebTask

16.From Backend to WebTask


18.WebTask: Scenario ● WebTask as a Code Sandbox ● WebTask as a Webhook

19.How to start with WebTask?

20.Getting Started 1. Install WebTask CLI 2. Init WebTask 3. Create hello.js and Deploy

21.Success WebTask and WebTask Editor

22.Thank you!