APIs have become the foundation of modern software. A reliable API turns a service into a ready-made building block for developers to build into their applications. But the openness and accessibility that make APIs so popular can also put them at risk for security breaches. That’s why building security into your APIs is so important.
This book showcases chapters from three Manning books. You’ll start with an introduction to API security elements and take a look at security mechanisms including identification and authentication as well as access control and authorization. As you build a sample API project in the next chapter, you’ll see examples of attacks against APIs and learn how to guard against those attacks, applying basic secure development principles as you go. Next, you’ll zoom in on the importance of integrating security into the design and implementation of microservices. Last but not least, you’ll discover security-minded API design constructs. With this guide, you’ll have the basic skills to build secure APIs.
Topics
- What is API security?
- Secure PAI development
- NOSQL: Securing north/south traffic with an API gateway
- Code constructs promoting security