API keys are both incredibly powerful and extremely vulnerable. API key exposure can result in significant damage, both to a company and to the data it holds. As such, hiding and securing keys (as well as mitigating potential loss) is critical for any security plan in the modern API space. Read more
Posts Tagged: secure
If there’s one takeaway from the recent data security issues, it’s this — security is a paramount concern for any organization, large or small. That’s why it’s so confusing, then, to see so many organizations taking a lax approach towards security. Read more
One of the most important things any API developer can realize is the fact that, as a data handler, they have some of the most important legal and moral requirements towards their data subjects of any technically oriented organization.
The fact that consumers entrust developers with their data at all is predicated upon the idea that this data will be secured, that the API itself will be bolstered against attacks, and that the API provider is doing everything within their power to continually secure themselves against potential threats. Read more
A JSON Web Token or JWT is an extremely powerful standard. It’s a signed JSON object; a compact token format often exchanged in HTTP headers to encrypt web communications.
Because of its power, JWTs can be found driving some of the largest modern API implementations. Read more
We tend to spend a lot of time talking about the wonders the Application Programming Interface (API) can do to connect our digital and mobile world, but we must also talk about the elephant in the room: API security is a real problem. Read more