Skip to Main Content
API Traffic Management 101
book

API Traffic Management 101

by Mike Amundsen
December 2019
Intermediate to advanced content levelIntermediate to advanced
78 pages
1h 50m
English
O'Reilly Media, Inc.
Content preview from API Traffic Management 101

Chapter 4. Securing Traffic

A comprehensive API traffic management system includes robust security features. This means a reliable authentication system as well as a scalable authorization strategy. Each aspect of security (authentication and authorization) is essential for a healthy API ecosystem. In this chapter, we cover API security basics such as API keys, authentication, authorization, and encryption.

Access control (or authorization) is a particularly important security element in API systems that rely on microservices. As your service collection grows and becomes more adaptable at runtime, it becomes increasingly difficult to know—ahead of time—just which services your request is likely to encounter. We devote some additional time in this chapter on designing and implementing a scalable and reliable authorization system based on access tokens.

Security Basics

The basics of API security (see Figure 4-1) center on authentication (the requesting identity) and authorization (the identity’s access controls for this request). API keys are another important element of API security because they help identify API usage independent of the requesting identity. There is also the matter of data encryption for messages in transit.

Also, a robust security implementation is able to deal with identity and access control between separate systems. For example, when APIs from your own system need to access services from an external API ecosystem such as Salesforce, SAP, and other so-called ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Deploying Reactive Microservices

Deploying Reactive Microservices

Edward Callahan

Publisher Resources

ISBN: 9781492056393