In this chapter, we'll deal with different methodologies for testing the security of APIs. This chapter relies on the OAuth concepts covered in the previous chapter, so a good understanding of OAuth 2.0 is necessary. We will use access tokens heavily and make requests to API endpoints while testing them.
Web APIs have recently gained a lot of popularity among developers because they allow third-party programs to interact with the website in a more efficient and easy way.
The chapter will start off with some basic concepts and then later cover actual testing. So let's begin.
REST stands for Representational State Transfer, which is simply an architectural philosophy ...