Posts Tagged: Security

5 Ways To Hack An API (And How To Defend)

API hacking is, unfortunately, part of the modern API landscape. Whenever you have resources exposed to the greater internet, those resources are going to be attacked in some way.

Thankfully, half of the fight is just being aware of the threats against your API. Read more

API Security: A Gateway To Heaven

Because they power applications used by hundreds, thousands, and even millions of people, security is hugely important when creating APIs. Despite this, perhaps due to their now outdated reputation as niche products “just for techies,” there can be a bit of an air of complacency around API security. Read more

Assisted Token Flow: The Answer to OAuth Integration in Single Page Applications

OAuth is an incredibly popular internet standard for granting apps and web services access to the information available on other websites. Though the implementation is complex, the premise is simple: you tell a website you want to access its data, you log in with the user’s details, and off you go — but without some kind of protocol the process would be a whole lot more complicated. Read more

9 Questions for Top-Level API Security Auditing

One of the most important things any API developer can realize is the fact that, as a data handler, they have some of the most important legal and moral requirements towards their data subjects of any technically oriented organization.

The fact that consumers entrust developers with their data at all is predicated upon the idea that this data will be secured, that the API itself will be bolstered against attacks, and that the API provider is doing everything within their power to continually secure themselves against potential threats. Read more