Overview
What separates systems that survive credential breaches from those that collapse under them? The answer lies not in better frameworks, but in architectural decisions made before the first auth endpoint is deployed. Every request hitting your application asks the same critical question: Should this be allowed? Answered thousands of times per second, this question defines the boundary between secure operations and catastrophic exposure. Yet most organizations still apply monolithic auth patterns to distributed systems serving millions of concurrent users. The consequences are entirely measurable-leaked JWTs through client-side storage, stale role data propagating across microservices, API keys buried in repositories years after employee departure, and authorization checks that crumble under production load. This book provides the architectural field manual that engineering teams have lacked. Drawing from production-tested patterns across high-throughput microservice meshes and multi-tenant SaaS platforms, it bridges the persistent gap between security theory and implementable, observable systems. Inside, you will find: - How to map STRIDE threat categories onto authentication flows before committing the first line of authorization code - Session distribution strategies across Kubernetes clusters that maintain strong consistency without introducing latency bottlenecks - Refresh token rotation patterns that detect family theft in real-time distributed environments - Comparative analysis of Zanzibar-style relationship databases versus XACML policy engines with production-tested decision frameworks - Architectural implications of adopting FIDO2 passkeys in consumer applications versus SAML in enterprise contexts - Operational guidance on secret rotation, compliance automation, and monitoring that separates fragile proofs-of-concept from enterprise-grade infrastructure Written for senior backend engineers, security architects, and platform engineers who have shipped production web applications, this guide moves past tutorial-level explanations to examine precisely how tokens should be validated, cached, and revoked at scale. Your applications are already being probed. Build the access control architecture that responds with certainty rather than hope.
Full Product Details
Author: Alex Codewell
Publisher: Independently Published
Imprint: Independently Published
Dimensions:
Width: 17.00cm
, Height: 2.40cm
, Length: 24.40cm
Weight: 0.721kg
ISBN: 9798197608741
Pages: 458
Publication Date: 19 May 2026
Audience:
General/trade
,
General
Format: Paperback
Publisher's Status: Active
Availability: Available To Order
We have confirmation that this item is in stock with the supplier. It will be ordered in for you and dispatched immediately.
