Posts Tagged: authorization

Introducing The API Security Maturity Model

When a user utilizes a service, that user must first attest they are who they say they are. In most use cases, they must then confirm they can do what they’re trying to do. For many users, this is a relatively non-transparent process, and it might seem to happen magically behind the scenes. Read more

Is OAuth Enough for Financial-Grade API Security?

“If you think about where OAuth started, it was really about securing comments on blog posts and now we’re talking about enterprises, so it’s a whole different class of security.”

This is how Travis Spencer, CEO at the identity company Curity, opened his talk at our 2019 Austin API Summit, and it’s an astute summary of the way many products (particularly in the tech scene) are tweaked or re-engineered beyond their original purpose. Read more

8+ Biometrics APIs At Your Fingertips

Looking for a web API to handle fingerprint identification? Let us identify the best ones for you…

Until recent years, fingerprints were something that most of us didn’t think about that often. Now, however, they’re something that most smartphone owners use to unlock their devices, complete online banking transactions, and so on. Read more

What is The Role of Identity in API Security?

What options do APIs and microservices have when it comes to authentication and authorization? What is the role of identity in API security?

In our last LiveCast, we sought to discover best practices for handling identity within API security. Read more

8 Vital OAuth Flows and Powers

Daniel Lindau of Curity provides an overview of important OAuth flows and abilities The API space requires authorization in order to secure data – this is a given in the modern era. Accordingly, implementing the correct authorization system is vitally important, perhaps even more important than the API it is meant to handle authorization for. Read more