Understanding API Security
Gone are the days when it was acceptable for a piece of software to live in its own little silo, disconnected from the outside world. Today, services are expected to be available for programming, mixing, and building into new applications. The web-based Application Programming Interface, or API, is how services make themselves available in this dynamic world. By exposing an API, a service can find new life and utility far beyond what its core functionality was designed to be. But these APIs need to be secured and protected in order to be truly useful. An API that's simply left open to everyone, with no security controls, cannot be used to protect personalized or sensitive information, which severely limits its usefulness.
The OAuth delegation and authorization protocol is one of the most popular standards for API security today. Understanding API Security is a selection of chapters from several Manning books that give you some context for how API security works in the real world by showing how APIs are put together and how the OAuth protocol can be used to protect them.
Share Understanding API Security