© Prabath Siriwardena 2020
Prabath SiriwardenaAdvanced API Securityhttps://doi.org/10.1007/978-1-4842-2050-4_3

3. Securing APIs with Transport Layer Security (TLS)

Prabath Siriwardena
(1)
San Jose, CA, USA
 
Securing APIs with Transport Layer Security (TLS) is the most common form of protection we see in any API deployment. If you are new to TLS, please check Appendix C first, which explains TLS in detail and how it works. In securing APIs, we use TLS to secure or encrypt the communication—or protect the data in transit—and also we use TLS mutual authentication to make sure only the legitimate clients can access the APIs.
In this chapter, we discuss how to deploy an API implemented in Java Spring Boot, enable TLS, and protect an API with mutual TLS. ...

Get Advanced API Security: OAuth 2.0 and Beyond now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.