Skip to main content
SpringerLink
Log in
Apress
Book cover

Advanced API Security

Securing APIs with OAuth 2.0, OpenID Connect, JWS, and JWE

  • Book
  • © 2014

Overview

Authors:
  1. Prabath Siriwardena
    View author publications

    You can also search for this author in PubMed   Google Scholar

  • Advanced API Security is a boots-on-the-ground reference to the next wave of challenges in service security--securing public and private APIs.

This is a preview of subscription content, log in via an institution to check access.

Access this book

Log in via an institution
eBook USD 54.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Other ways to access

Licence this eBook for your library

Institutional subscriptions

Table of contents (14 chapters)

  1. Front Matter

    Pages i-xix
    Download chapter PDF

  2. Managed APIs

    • Prabath Siriwardena
    Pages 1-10

  3. Security by Design

    • Prabath Siriwardena
    Pages 11-31

  4. HTTP Basic/Digest Authentication

    • Prabath Siriwardena
    Pages 33-46

  5. Mutual Authentication with TLS

    • Prabath Siriwardena
    Pages 47-58

  6. Identity Delegation

    • Prabath Siriwardena
    Pages 59-73

  7. OAuth 1.0

    • Prabath Siriwardena
    Pages 75-90

  8. OAuth 2.0

    • Prabath Siriwardena
    Pages 91-132

  9. OAuth 2.0 MAC Token Profile

    • Prabath Siriwardena
    Pages 133-142

  10. OAuth 2.0 Profiles

    • Prabath Siriwardena
    Pages 143-153

  11. User Managed Access (UMA)

    • Prabath Siriwardena
    Pages 155-170

  12. Federation

    • Prabath Siriwardena
    Pages 171-180

  13. OpenID Connect

    • Prabath Siriwardena
    Pages 181-200

  14. JWT, JWS, and JWE

    • Prabath Siriwardena
    Pages 201-220

  15. Patterns and Practices

    • Prabath Siriwardena
    Pages 221-230

  16. Back Matter

    Pages 231-235
    Download chapter PDF
Back to top

About this book

Advanced API Security is a complete reference to the next wave of challenges in enterprise security--securing public and private APIs.

API adoption in both consumer and enterprises has gone beyond predictions. It has become the ‘coolest’ way of exposing business functionalities to the outside world. Both your public and private APIs, need to be protected, monitored and managed. Security is not an afterthought, but API security has evolved a lot in last five years. The growth of standards, out there, has been exponential.

That's where AdvancedAPI Security comes in--to wade through the weeds and help you keep the bad guys away while realizing the internal and external benefits of developing APIs for your services. Our expert author guides you through the maze of options and shares industry leading best practices in designing APIs for rock-solid security. The book will explain, in depth, securing APIs from quite traditional HTTP Basic Authentication to OAuth 2.0 and the standards built around it.

Build APIs with rock-solid security today with Advanced API Security.

  • Takes you through the best practices in designing APIs for rock-solid security.
  • Provides an in depth tutorial of most widely adopted security standards for API security.
  • Teaches you how to compare and contrast different security standards/protocols to find out what suits your business needs the best.

About the author

Prabath Siriwardena is the Director of Security Architecture at WSO2 Inc., a company that produces a wide variety of open source software from data to screen. He is a member of OASIS Identity Metasystem Interoperability (IMI) TC,OASIS eXtensible Access Control Markup Language (XACML) TC, OASIS Security Services (SAML) TC, OASIS Identity in the Cloud TC and OASIS Cloud Authorization (CloudAuthZ) TC. Prabath is also a member of Apache Axis PMC and has spoken at numerous international conferences including OSCON, ApacheCon, WSO2Con, EIC, IDentity Next and OSDC. He has more than 9 years industry experience and has worked with many Fortune 100 companies.

Bibliographic Information

Publish with us

Policies and ethics

Back to top

Search

Navigation