Authentication for APIs

HTTP Authentication you own this product

This free project is part of the liveProject series Authentication, Authorization, and Audit Management for APIs
basics of Java, Spring, and debugging
skills learned
understanding an API specified in Open API Specification 3.0 • setting up an environment to implement an API • adding basic HTTP authentication
Sashank Dara
1 week · 6-8 hours per week · BEGINNER
filed under

placing your order...

Don't refresh or navigate away from the page.
This free project is part of the liveProject series Authentication, Authorization, and Audit Management for APIs explore series
Check your email for instructions on accessing HTTP Authentication (liveProject)
continue shopping
adding to cart

Look inside
In this liveProject, you’ll implement username-based HTTP authentication for your API in order to securely store passwords in your database. You’ll develop user signup functionality to ensure only registered users can leverage the REST API, build a user login for authenticating users as they access your REST API, and test its functionality using Postman.

This liveProject was implemented by Natan Streppel.

project author

Sashank Dara

Sashank Dara received his PhD in cybersecurity from IIIT-Bangalore in the area of applied cryptography and threat intelligence. He’s an expert cybersecurity technologist with more than 17 years of experience in the field, including as a consultant advisor for Manipal Global Education Services’ cybersecurity programs and as a security technology and strategy advisor for security startups including Appknox, Haltdos, and He remains a trusted information security consultant and advisor for top companies in EdTech, IT/ITes, academia, and real estate. He’s the co-inventor of 5 U.S. patents (and 3 IETF drafts) in the areas of cloud, SDN, and NFV security, and he’s published more than a dozen research papers at IEEE, LNCS conferences in the areas of cloud security, privacy, cryptography, and threat intelligence. A prolific speaker at security conferences and invited talks, Dara is currently the CTO and co-founder of Seconize, an award-winning cybersecurity startup pioneering a cyber risk and compliance management SaaS product suite.


The liveProject is for Java programmers familiar with the basics of REST APIs. To begin this project you will need to be familiar with:

  • Basics of Java, min. version 11, (classes, interfaces)
  • Basics of Spring MVC (POST of GET requests)
  • Basics of JDBC or Spring Data (insert or retrieve data from a database)
  • Java IDEs such as Eclipse or IntelliJ IDEA
  • Testing APIs via Postman
  • Gradle, min. version 6.4.1
  • Docker, min. version 17.03, and Docker Compose, min. version 1.22.0
  • Git
  • Basic debugging
  • Code reviews
  • Code refactoring
  • Unit testing
  • Security testing

you will learn

In this series of liveProjects, you’ll learn how to add essential security features to a REST API.

  • Understanding an API specified in Open API Specification 3.0 using Swagger
  • Setting up an environment to implement the API specification provided using Java Spring
  • Implementing basic HTTP authentication with username and password as per standards
  • Testing the functionality of the reference API implementation using Postman


You choose the schedule and decide how much time to invest as you build your project.
Project roadmap
Each project is divided into several achievable steps.
Get Help
While within the liveProject platform, get help from other participants.
Compare with others
For each step, compare your deliverable to the solutions by the author and other participants.