Developers love APIs for their adaptability, modularity, ease of integration, and accessibility to third-party services and data. Those benefits, however, can put APIs at risk for security breaches. Building security into your API design at the beginning—not as an afterthought—allows you to offer all the benefits customers want along with the security they need.
Inherently Secure API Design presents four chapters from three Manning books, skillfully chosen by industry expert Arnaud Lauret. In the first chapter, you’ll learn what exactly an API is, why API design matters, and what considerations to factor into your design. Next you’ll discover just how thinking of security as a necessity—not a feature!—leads to creating APIs that are inherently secure. You’ll move on to looking at API security concerns from the user’s standpoint when facilitating access control and dealing with sensitive data. Lastly, you’ll explore OAuth 2.0, a security protocol widely used to protect APIs from small startups all the way to large-scale providers including Google and Facebook. With this essential addition to your API toolkit, you’ll have the skills you need to start designing secure APIs that you can confidently share with the world.
about the author
A software architect with extensive experience in the banking industry, Arnaud Lauret
has spent 10 years using, designing, and building APIs. He blogs under the name of API Handyman and has created the API Stylebook website.