2 Understanding APIs

With our understanding of the role APIs play and the security challenges associated with them, let’s take a deeper look at how APIs work in much more detail. By the conclusion of this chapter, you will have a full understanding of how APIs work, starting with the transport protocol and the choice of APIs available to developers. The two central tenets of API security are authentication and authorization—we will cover these in detail to understand their pivotal role. Finally, you’ll understand how keys and tokens are used in ensuring the security and integrity of APIs and the identity of API clients.

In this chapter, we’re going to cover the following main topics:

The fundamentals of HTTP
The different types of APIs that ...

Get Defending APIs now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Defending APIs by Colin Domoney

2

Understanding APIs

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly