Authorization is an important part of any API that exposes high-value data. In this presentation, Srijith will explore this critical aspect of API security. He will explain how API developers can use open standards to define authorization rules and enforce those within their services. He will give a brief introduction to XACML, a standard-based policy language and processing model, which API providers can utilize to this end. Attendees will leave with new ideas and awareness of methods they can use to secure and protect their APIs.