© Prabath Siriwardena 2020Prabath SiriwardenaAdvanced API Securityhttps://doi.org/10.1007/978-1-4842-2050-4_3
3. Securing APIs with Transport Layer Security (TLS)
San Jose, CA, USA
Securing APIs with Transport Layer Security (TLS) is the most common form of protection we see in any API deployment. If you are new to TLS, please check Appendix C first, which explains TLS in detail and how it works. In securing APIs, we use TLS to secure or encrypt the communication—or protect the data in transit—and also we use TLS mutual authentication to make sure only the legitimate clients can access the APIs.
In this chapter, we discuss how to deploy an API implemented in Java Spring Boot, enable TLS, and protect an API with mutual TLS. ...