
EPISODE · Jun 4, 2026 · 9 MIN

Why Your API Access Control Is a Trust Boundary Problem

from The Developer Tools Podcast with Fexingo: APIs, Infrastructure, and Software for Engineers · host Fexingo

Episode 31 of The Developer Tools Podcast with Fexingo: APIs, Infrastructure, and Software for Engineers. Hosts Lucas and Luna drill into API access control — specifically, why most teams design it as a permission matrix when they should be treating it as a trust boundary between internal systems. Using the March 2026 Snowflake misconfiguration incident as a case study, Lucas walks through how a single over-permissioned service account in a data warehouse exposed internal dashboards that should have been firewalled. Luna challenges whether API gateways alone can solve the problem, and Lucas argues for a network-segmentation-first approach. The conversation covers workload identity federation, OAuth device flow, and the concrete audit-log query that would have caught the Snowflake leak in under a minute. If you build APIs that talk to databases, this is the episode that will make you rethink your service-to-service auth model.

#APIAccessControl #TrustBoundary #Snowflake #WorkloadIdentity #OAuthDeviceFlow #NetworkSegmentation #ServiceAccount #CloudSecurity #AuditLog #IdentityFederation #DevTools #BusinessAndTechnology #Infrastructure #APISecurity #FexingoBusiness #BusinessPodcast #DataLeak #Misconfiguration

Keep every episode free: buymeacoffee.com/fexingo



Frequently Asked Questions

How long is this episode of The Developer Tools Podcast with Fexingo: APIs, Infrastructure, and Software for Engineers?

This episode is 9 minutes long.

When was this The Developer Tools Podcast with Fexingo: APIs, Infrastructure, and Software for Engineers episode published?

This episode was published on June 4, 2026.
