Explore a conference talk that delves into securing identity and authorization in microservices architectures. Learn about the challenges posed by external API calls in microservices, including potential vulnerabilities from software supply chain attacks, privileged user compromises, and other security threats. Discover the concept of Transaction Tokens (TraTs), a new proposal in the IETF OAuth working group, and how they complement existing security protocols like SPIFFE. Understand how TraTs can assure user identity and context information in call chains, enable nesting for intermediate services, and defend against various attacks in microservice architectures. Gain insights into real-world examples and use cases that demonstrate the effectiveness of TraTs in enhancing security within complex microservices environments.