Advertisement

Advanced API Security

OAuth 2.0 and Beyond

  • Prabath¬†Siriwardena
Book

Table of contents

  1. Front Matter
    Pages i-xix
  2. Prabath Siriwardena
    Pages 1-32
  3. Prabath Siriwardena
    Pages 33-67
  4. Prabath Siriwardena
    Pages 69-79
  5. Prabath Siriwardena
    Pages 81-101
  6. Prabath Siriwardena
    Pages 103-127
  7. Prabath Siriwardena
    Pages 129-155
  8. Prabath Siriwardena
    Pages 157-184
  9. Prabath Siriwardena
    Pages 185-210
  10. Prabath Siriwardena
    Pages 211-226
  11. Prabath Siriwardena
    Pages 227-241
  12. Prabath Siriwardena
    Pages 243-255
  13. Prabath Siriwardena
    Pages 257-276
  14. Prabath Siriwardena
    Pages 277-286
  15. Prabath Siriwardena
    Pages 287-304
  16. Prabath Siriwardena
    Pages 305-319
  17. Prabath Siriwardena
    Pages 321-330
  18. Prabath Siriwardena
    Pages 331-354
  19. Prabath Siriwardena
    Pages 355-376
  20. Prabath Siriwardena
    Pages 377-396
  21. Prabath Siriwardena
    Pages 397-399
  22. Prabath Siriwardena
    Pages 401-423
  23. Prabath Siriwardena
    Pages 425-437
  24. Back Matter
    Pages 439-449

About this book

Introduction

Prepare for the next wave of challenges in enterprise security. Learn to better protect, monitor, and manage your public and private APIs. 

Enterprise APIs have become the common way of exposing business functions to the outside world. Exposing functionality is convenient, but of course comes with a risk of exploitation. This book teaches you about TLS Token Binding, User Managed Access (UMA) 2.0, Cross Origin Resource Sharing (CORS), Incremental Authorization, Proof Key for Code Exchange (PKCE), and Token Exchange. Benefit from lessons learned from analyzing multiple attacks that have taken place by exploiting security vulnerabilities in various OAuth 2.0 implementations. Explore root causes, and improve your security practices to mitigate against similar future exploits. 

Security must be an integral part of any development project. This book shares best practices in designing APIs for rock-solid security. API security has evolved since the first edition of this book, and the growth of standards has been exponential. OAuth 2.0 is the most widely adopted framework that is used as the foundation for standards, and this book shows you how to apply OAuth 2.0 to your own situation in order to secure and protect your enterprise APIs from exploitation and attack. 

You will:
  • Securely design, develop, and deploy enterprise APIs
  • Pick security standards and protocols to match business needs
  • Mitigate security exploits by understanding the OAuth 2.0 threat landscape
  • Federate identities to expand business APIs beyond the corporate firewall
  • Protect microservices at the edge by securing their APIs
  • Develop native mobile applications to access APIs securely
  • Integrate applications with SaaS APIs protected with OAuth 2.0


Keywords

API's REST JSON REST Security IOT Security OAuth Securing API's User Managed Access (UMA) SAML JSON Seurity JSON Encrytption

Authors and affiliations

  • Prabath¬†Siriwardena
    • 1
  1. 1.San JoseUSA

Bibliographic information