An API is only as good as it is known. Getting an API into a developer’s hands, demonstrating the power of your solution, and providing an environment in which they can test and manipulate data in a controlled, monitored way is perhaps one of the most important unsung heroes of API publication. Read more
Posts Tagged: identity
How does one go about securing APIs, microservices, and websites? One way to do this is by focusing on the identity — knowing who the caller is, and what the caller is allowed to do with your data. Too often, though, providers rely too heavily on user social identity, pairing it way too closely with the design of their APIs. Read more
These days, APIs need to be strong. They need to be versatile to change, and must triumph in the face of malicious schemes hackers use to disrupt core systems. But how does a provider consistently maintain security across their API platform, and consistently check to see that security is maintained throughout continuous code deployments? Read more
In an age where thousands of devices interact with microservices and API-driven servers, an API gateway can act as a single entry point to internal architecture — a popular choice for developers as it increases security, improves user experience, and helps ecosystems thrive. Read more
Little details like tokens can sometimes help structure complex API architectures. In this piece we’re going to have a look at different architectures, and ultimately see how a better way to design tokens can lead to a more performant result.
Consider the role of tokens within two facets of API design, access control and data stability. Read more