Static Credentials Must Not Be Used In The Browser
Authentication is described in this post. Modern business web applications tend to be a collage of service calls to numerous[…]
Read moreTag: APIs
Making Authorization Decisions
backwater / Adedotun Ajibade This blog post continues our discussion of Authorization in the API space. It will explore common[…]
Read moreHTTP POST vs GET: Is One More Secure For Use In REST APIs?
Grain / Kamil Porembiński The use of HTTP POST vs HTTP GET for read-only (or query) operations in REST APIs[…]
Read more
How To Submit Your Security Tokens to an API Provider, Pt. 2
This post was originally published as “How to Submit Tokens to an API Provider, Pt 2” on the Apigee Blog.[…]
Read more
How To Submit Your Security Tokens to an API Provider Pt. 1
This post was originally published as “How to Submit Tokens to an API Provider, Pt 1” on the Apigee Blog.[…]
Read more
Identity Propagation in an API Gateway Architecture
The power of end-to-end user security context with APIs This post was originally published as “Identity Propagation in an API[…]
Read moreDesign Principles for Seamless User Authentication
This post was originally published as “Design Principles for Seamless User Authentication” on the Apigee Blog. In a previous post,[…]
Read moreKeeping Your APIs Secure for Multiple User Types
This post was originally published as “Keeping Your APIs Secure for Multiple User Types” on the Apigee Blog. In an[…]
Read moreAPI MANAGEMENT AND PERIMETER SECURITY FOR COTS APPLICATIONS
This post was originally published as “API Management and Perimeter Security for COTS Applications” on the Levvel Blog. Kronos provides[…]
Read moreAPI Security vs. Web Application Security Part 1: A Brief History of Web Application Architecture
This post was originally published as “API Security vs. Web Application Security Part 1: A Brief History of Web Application[…]
Read more