Posts Tagged: authentication

An Introduction to Securing Your New API

What with the rapid growth of the API economy, more sensitive data is shared through APIs than ever before. As a natural consequence of this, there are severe stakes around API security, and they’re only rising.

While it’s easy to overlook the importance of security in a brand-new API — especially if that API is only used internally or by selected partners — you ought to secure all APIs early-on. Read more

Introducing The API Security Maturity Model

When a user utilizes a service, that user must first attest they are who they say they are. In most use cases, they must then confirm they can do what they’re trying to do. For many users, this is a relatively non-transparent process, and it might seem to happen magically behind the scenes. Read more

Is OAuth Enough for Financial-Grade API Security?

“If you think about where OAuth started, it was really about securing comments on blog posts and now we’re talking about enterprises, so it’s a whole different class of security.”

This is how Travis Spencer, CEO at the identity company Curity, opened his talk at our 2019 Austin API Summit, and it’s an astute summary of the way many products (particularly in the tech scene) are tweaked or re-engineered beyond their original purpose. Read more

What Is an API Gateway?

If you’re not an API practitioner, you may not be too comfortable with the idea of an API gateway. Following up on our recent article What Is the Difference Between APIs and Microservices?, we wanted to demystify another daunting API topic for the less technically oriented audience. Read more