GraphQL is a very powerful query language that does a great many things right. When implemented properly, GraphQL offers an extremely elegant methodology for data retrieval, more backend stability, and increased query efficiency.
The key here though is that simple phrase — when implemented properly. Read more
How does one go about securing APIs, microservices, and websites? One way to do this is by focusing on the identity — knowing who the caller is, and what the caller is allowed to do with your data. Too often, though, providers rely too heavily on user social identity, pairing it way too closely with the design of their APIs. Read more
The world is changing. What was once fought on battlefields with physical weapons is quickly transitioning online, with groups of individuals and even entire nations utilizing the internet to disrupt their enemies.
Just as with any conflict, there will be civilian casualties — whether it be civilian infrastructure or users weaponized as Distributed Denial of Service drones, the consequences of the coming virtual conflicts will be bad. Read more
We’re all accustomed to using usernames and passwords for hundreds of online accounts — but if not managed correctly, using passwords can become a major distraction, and a potential security vulnerability. The same is true in the API space. There’s nothing inherently wrong with usernames — you need those. Read more