Advanced API Security: Securing APIs with OAuth 2.0, OpenID Connect, JWS, and JWE

Advanced API Security: Securing APIs with OAuth 2.0, OpenID Connect, JWS, and JWE image
ISBN-10:

1430268182

ISBN-13:

9781430268185

Edition: 1st ed.
Released: Aug 11, 2014
Publisher: Apress
Format: Paperback, 260 pages
to view more data

Description:

Advanced API Security is a complete reference to the next wave of challenges in enterprise security--securing public and private APIs.

API adoption in both consumer and enterprises has gone beyond predictions. It has become the ‘coolest’ way of exposing business functionalities to the outside world. Both your public and private APIs, need to be protected, monitored and managed. Security is not an afterthought, but API security has evolved a lot in last five years. The growth of standards, out there, has been exponential.

That's where AdvancedAPI Security comes in--to wade through the weeds and help you keep the bad guys away while realizing the internal and external benefits of developing APIs for your services. Our expert author guides you through the maze of options and shares industry leading best practices in designing APIs for rock-solid security. The book will explain, in depth, securing APIs from quite traditional HTTP Basic Authentication to OAuth 2.0 and the standards built around it.

Build APIs with rock-solid security today with Advanced API Security.

  • Takes you through the best practices in designing APIs for rock-solid security.
  • Provides an in depth tutorial of most widely adopted security standards for API security.
  • Teaches you how to compare and contrast different security standards/protocols to find out what suits your business needs the best.
What youll learn
  • Build APIs with rock-solid security by understanding best practices and design guidelines.
  • Get a thorough understanding about widely adopted security standards for API security.
  • Compare and contrast different security standards/protocols to find out what suits your business needs, the best.
  • Expand business APIs to partners and outsiders with Identity Federation.
  • Get hands-on experience in developing clients against Facebook, Twitter, and Salesforce APIs.
  • Understand and learn how to mitigate security threats.
Who this book is for

Advanced API Security is for enterprise security architects and developers who are designing, building and managing APIs. The book will provide guidelines, best practices in designing APIs and threat mitigation techniques for enterprise security architects while developers would be able to gain hands-on experience by developing API clients against Facebook, Twitter, Salesforce and many other cloud service providers.

Table of Contents
  • Managed APIs
  • Security by Design
  • HTTP Basic/Digest Authentication
  • Mutual Authentication and Transport Level Security
  • Identity Delegation
  • OAuth 1.0
  • OAuth 2.0 AND Bearer Token Profile
  • OAuth 2.0 MAC Token Profile
  • Oauth 2.0 Profiles
  • User Managed Access (UMA)
  • Federation
  • OpenID Connect
  • JWT, JWS, and JWE
  • Patterns & Practices

Low Price Summary






Top Bookstores


























We're an Amazon Associate. We earn from qualifying purchases at Amazon and all stores listed here.

DISCLOSURE: We're an eBay Partner Network affiliate and we earn commissions from purchases you make on eBay via one of the links above.

Want a Better Price Offer?

Set a price alert and get notified when the book starts selling at your price.

Want to Report a Pricing Issue?

Let us know about the pricing issue you've noticed so that we can fix it.