API Design (mid)
Explain OAuth2 and JWT for API security.
Updated Apr 28, 2026
Short answer
OAuth2 is an authorization framework: a client obtains an access token from an authorization server and presents it to a resource server to act with delegated, scoped access. JWT is a token format: a signed (or encrypted) JSON object carrying claims between parties, often used as the format of an OAuth2 access token but independent of it.
Deep explanation
Intermediate API design means handling complexity and security together, and authentication is where the two meet. OAuth2 (RFC 6749) is an authorization framework, not an authentication protocol: it defines how a client obtains an access token from an authorization server, with the resource owner's consent, and presents that token to a resource server (your API). The grant type depends on the client: authorization code with PKCE for browser and mobile apps acting on behalf of a user, client credentials for service-to-service calls. Access tokens are bearer tokens, so whoever holds one can use it; keep them short-lived, send them only over TLS, and scope them to the least access the client needs.

JWT (RFC 7519) is a token format, not a protocol: three base64url segments, header.payload.signature, where the payload carries claims such as iss, sub, aud, exp, nbf and iat. An authorization server may issue access tokens as JWTs so that resource servers can validate them locally (signature plus claims) instead of calling back to an introspection endpoint. The two are independent: OAuth2 works equally well with opaque tokens, and JWTs are used outside OAuth2.

Validation on the resource server is where most JWT bugs live. Pin the algorithm and key you expect rather than trusting the token's alg header (this rules out alg=none and key-confusion attacks), verify the signature with a constant-time comparison, and only then check iss, aud, exp and nbf. Because a signed JWT cannot be recalled, compensate with short expiry plus refresh tokens, or a denylist of jti values, if you need revocation before expiry.
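As an added example (not code from the original page or from any library it mentions), the following standard-library Python implements both sides of the flow described above: an authorization server minting an HS256 JWT, and a resource server validating the bearer token and its claims before checking OAuth2 scope. The secret, issuer, audience and scope names are constructed for the example; HS256 is used so the block runs without dependencies, and a real deployment would usually prefer an asymmetric algorithm so that resource servers hold only a public key.

```python
import base64
import hashlib
import hmac
import json
import time
from typing import Optional

# Constructed demo secret. A real authorization server uses a random key of at
# least 32 bytes for HS256, or an asymmetric pair (RS256/ES256) so that resource
# servers hold only the public key and cannot mint tokens themselves.
DEMO_SECRET = b"demo-only-secret-do-not-use-in-production-0123456789"


class TokenError(Exception):
    """Raised for any token that must be rejected; the caller answers 401."""


def b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def sign_jwt(claims: dict, secret: bytes) -> str:
    """Authorization-server side: mint an HS256 JWT as header.payload.signature."""
    header = {"alg": "HS256", "typ": "JWT"}
    signing_input = (
        b64url_encode(json.dumps(header, separators=(",", ":")).encode())
        + "."
        + b64url_encode(json.dumps(claims, separators=(",", ":")).encode())
    )
    sig = hmac.new(secret, signing_input.encode("ascii"), hashlib.sha256).digest()
    return signing_input + "." + b64url_encode(sig)


def verify_jwt(token: str, secret: bytes, expected_iss: str, expected_aud: str,
               now: Optional[float] = None) -> dict:
    """Resource-server side: return the claims only if every check passes."""
    now = time.time() if now is None else now
    parts = token.split(".")
    if len(parts) != 3:
        raise TokenError("malformed token")
    header_b64, payload_b64, sig_b64 = parts
    try:
        header = json.loads(b64url_decode(header_b64))
        payload = json.loads(b64url_decode(payload_b64))
        signature = b64url_decode(sig_b64)
    except ValueError:  # covers binascii.Error, JSONDecodeError, UnicodeDecodeError
        raise TokenError("malformed token")
    # Pin the algorithm: the verifier decides how to check, never the token.
    # This rejects alg=none and stops an attacker swapping RS256 for HS256.
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        raise TokenError("unexpected alg")
    expected = hmac.new(secret, f"{header_b64}.{payload_b64}".encode("ascii"),
                        hashlib.sha256).digest()
    if not hmac.compare_digest(expected, signature):
        raise TokenError("bad signature")
    # Claims are trusted only after the signature check succeeded.
    if not isinstance(payload, dict) or payload.get("iss") != expected_iss:
        raise TokenError("wrong issuer")
    aud = payload.get("aud")
    aud_list = aud if isinstance(aud, list) else [aud]
    if expected_aud not in aud_list:
        raise TokenError("wrong audience")
    exp = payload.get("exp")
    if not isinstance(exp, (int, float)) or now >= exp:
        raise TokenError("expired")
    nbf = payload.get("nbf")
    if nbf is not None and now < nbf:
        raise TokenError("not yet valid")
    return payload


def authorize(headers: dict, required_scope: str, secret: bytes,
              expected_iss: str, expected_aud: str, now: Optional[float] = None) -> dict:
    """What an API endpoint does with the incoming Authorization header."""
    scheme, _, token = headers.get("Authorization", "").partition(" ")
    if scheme != "Bearer" or not token:
        raise TokenError("missing bearer token")
    claims = verify_jwt(token, secret, expected_iss, expected_aud, now)
    # OAuth2 scope is a space-separated list (RFC 6749 section 3.3).
    if required_scope not in claims.get("scope", "").split():
        raise TokenError("insufficient scope")
    return claims


if __name__ == "__main__":
    issued_at = int(time.time())
    token = sign_jwt({"iss": "https://auth.example.test", "aud": "api.example.test",
                      "sub": "user-42", "scope": "repo:read", "iat": issued_at,
                      "exp": issued_at + 300}, DEMO_SECRET)
    print(authorize({"Authorization": f"Bearer {token}"}, "repo:read", DEMO_SECRET,
                    "https://auth.example.test", "api.example.test")["sub"])
```

The order of checks is deliberate: algorithm pinning first, signature second, claims last, so that nothing in an unverified payload influences the verifier. The same structure applies when the key is a public key fetched from the issuer's JWKS endpoint; only the signature step changes.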
Real-world example
GitHub's GraphQL API uses cursor-based pagination to walk large lists such as a repository's commit history: each page returns an opaque end cursor that the client passes back to fetch the next page.
Common mistakes
- Not versioning the API from day one, leading to breaking changes.
Follow-up questions
- Is PUT idempotent?
- Is POST idempotent?