Skip to main content
DI

API Security in Action

Neil Madden

intermediateAPI SecurityAuthenticationAuthorization

API Security in Action

by Neil Madden

4.7/5
Manning
2020
456 pages
ISBN: 978-1617296024
Buy on AmazonPublisher Site

Summary

API Security in Action teaches you how to create secure APIs for any situation. It covers authentication, authorization, audit logging, rate limiting, and encryption for REST, gRPC, and message-based APIs. The book uses practical Java examples but the principles apply to any language.

Why Read This Book

APIs are the backbone of modern applications, and securing them is critical. This book provides comprehensive, practical guidance that goes far beyond OAuth tokens to cover the full spectrum of API security concerns.

Key Takeaways

  • Securing REST APIs with tokens, OAuth 2.0, and capability-based access control
  • Rate limiting, audit logging, and input validation
  • Securing microservices and service-to-service communication
  • Token-based authentication with JWTs and Macaroons
  • Implementing end-to-end API security across the full stack

Who Should Read This

API developers who want comprehensive coverage of API security beyond just OAuth integration.

API DevelopersBackend EngineersSecurity Engineers

Frequently Asked Questions

What is "API Security in Action" about?

API Security in Action teaches you how to create secure APIs for any situation. It covers authentication, authorization, audit logging, rate limiting, and encryption for REST, gRPC, and message-based APIs. The book uses practical Java examples but the principles apply to any language.

Who should read "API Security in Action"?

API developers who want comprehensive coverage of API security beyond just OAuth integration.

What are the key takeaways from "API Security in Action"?

Key takeaways include: Securing REST APIs with tokens, OAuth 2.0, and capability-based access control; Rate limiting, audit logging, and input validation; Securing microservices and service-to-service communication.

Related Books

Browse all

OAuth 2 in Action

Justin Richer

OAuth 2 in Action

Justin Richer, Antonio Sanso

4.5

OAuth 2 in Action teaches you the practical use and deployment of OAuth 2 from the perspective of a client, authorization server, and resource server. You'll learn how to build an OAuth 2 ecosystem from scratch, understand the security implications, and implement it correctly in real-world scenarios.

intermediateAuthenticationAuthorization

OAuth 2.0 Simplified

Aaron Parecki

OAuth 2.0 Simplified

Aaron Parecki

4.6

OAuth 2.0 Simplified is a guide to building OAuth 2.0 servers and clients. Written by the author of oauth.com, it covers the OAuth 2.0 framework in clear, approachable language with practical examples for web and mobile applications.

beginnerAuthenticationAuthorization

Advanced API Security

Prabath Siriwardena

Advanced API Security

Prabath Siriwardena

4.1

Advanced API Security covers cutting-edge API security patterns including OAuth 2.0 extensions, OpenID Connect, UMA, token binding, and mutual TLS. It explores advanced topics like API gateways, service mesh security, and securing microservices architectures.

advancedAPI SecurityAuthentication