contents

preface

acknowledgments

about this book

about the author

about the cover illustration

Part 1. Foundations

  1 What is API security?

  1.1  An analogy: Taking your driving test

  1.2  What is an API?

API styles

  1.3  API security in context

A typical API deployment

  1.4  Elements of API security

Assets

Security goals

Environments and threat models

  1.5  Security mechanisms

Encryption

Identification and authentication

Access control and authorization

Audit logging

Rate-limiting

  2 Secure API development

  2.1  The Natter API

Overview of the Natter API

Implementation overview

Setting up the project

Initializing the database