Explore token-based authentication and access control for modern API-backed applications in this 58-minute conference talk by Brock Allen and Dominick Baier. Learn about requesting, managing, and using tokens for both browser-based and native clients. Discover the differences in approaches and protocol features for various client types. Gain insights into security protocols, discovery, authentication in JavaScript-based apps, token validation, user profiles, API calls, token management, and renewal. Examine native client scenarios, including web server-driven authentication, browser types, OpenID Connect Hybrid Flow, and access token handling. Benefit from the expertise of two client library authors as they share their experiences in building modern front-ends for token-based architectures.