Banks have been exposing some of their most closely guarded functionalities as RESTful API services for developers to integrate with. In Singapore, it started with OCBC slightly more than a year ago, followed by Citibank. OCBC started with simple RESTful services to list ATM locations and products. Just 2 months ago, it launched a suite of APIs that allows developers to make API calls to read a user's accounts and transactions and for fund transfers between accounts.
Can a $5-a-month virtual server run an OAuth2 Server? My virtual server has been my testbed for many IoT projects that make Web API calls to the web services that I have developed. None of these were as secure as I want them to be because I have never gone around implementing an OAuth2 server. Instead, I had mostly depended on POST with username and password to authenticate a user. This is not optimum and definitely not elegant. How do I even sleep at night!?