Learn how to secure your REST API using proven standards implemented by OAuth 2.0 and OpenID Connect in this PHP UK Conference talk. Explore JSON Object Signing and Encryption (JOSE) as the core of a secure standards-based REST API. Discover the components of JOSE, including JSON Web Token (JWT), JSON Web Signature (JWS), and JSON Web Encryption (JWE). Understand key concepts such as cryptography, hierarchical authentication, key rotation, request authorization, and response validation. Gain insights into implementing private claims, timestamp and duration checks, and encrypted data with JWE. Follow along with practical examples of JWT headers, request representations, and response claims to enhance your API security knowledge.