Presentation: Securing Your API
These are the slides from my presentation, given at php|tek 2011 and a recent TriPUG meetup. Here is the description of my talk...
Providing an Application Programming Interface (or API) has become a crucial piece of the modern web application. API’s provide opportunities to build the ecosystem around your application, opening doors for collaboration and innovative mashups. However, the API opens up another entry point into your application, requiring that you somehow secure the access to it.
This talk will outline some of the options you have when securing your API. I’ll give overviews and implementation tips on some of the more popular schemes such as OAuth, HTTP authentication, and generating API keys. We’ll also look at some general API best practices such as rate limiting, error handling, and secure data communication.
You can download the slides from SlideShare if you are interested.
For your reading pleasure…
Connect with me…
Follow me on Twitter...
- I forgot how intense 120 minute is. Kinda kicked my butt. Going to sleep now :) 21 hrs ago
- Last beer for 40 days! — Drinking a 120 Minute IPA (2011) by @dogfishbeer — http://t.co/LfiV0gPg #photo 22 hrs ago
- Anyone used @stripe for credit card processing? Experiences? 1 day ago
- …with only 2 exceptions. Cicerone class for tastings, and tastings of homebrew (but just tastes…) 1 day ago
- More updates...