Posts Tagged: secure

Hiding and Securing Your API Keys

API keys are both incredibly powerful and extremely vulnerable. API key exposure can result in significant damage, both to a company and to the data it holds. As such, hiding and securing keys (as well as mitigating potential loss) is critical for any security plan in the modern API space. Read more

9 Questions for Top-Level API Security Auditing

One of the most important things any API developer can realize is the fact that, as a data handler, they have some of the most important legal and moral requirements towards their data subjects of any technically oriented organization.

The fact that consumers entrust developers with their data at all is predicated upon the idea that this data will be secured, that the API itself will be bolstered against attacks, and that the API provider is doing everything within their power to continually secure themselves against potential threats. Read more

What is a JWT?

Why Can’t I Just Send JWTs Without OAuth?

A JSON Web Token or JWT is an extremely powerful standard. It’s a signed JSON object; a compact token format often exchanged in HTTP headers to encrypt web communications.

Because of its power, JWTs can be found driving some of the largest modern API implementations. Read more