Explore critical security vulnerabilities in JWT access token validation in this 54-minute conference talk from NDC Copenhagen 2025. Discover how seemingly secure OAuth 2.0 implementations using open-source libraries can be compromised through improper configuration, even when you believe your API only accepts tokens from trusted issuers. Learn about specific attack vectors that can bypass token validation mechanisms and see live demonstrations of how attackers can exploit these weaknesses to fool your API. Gain practical knowledge on writing comprehensive tests to verify your application's protection against these security exploits, ensuring your data and users remain safe from token-based attacks.