August 10, 2012
Previously set to go away today, using the Twitter API with basic authentication will instead be phased out over the next two weeks. During that time, any application still using the older method should switch to OAuth, which has been the preferred method for some time.
When programming a web application, security is often a prime concern. If you've read my previous articles, you've often seen me comment on how secure an API is, as many of them are pretty secure, but many of them are not. When working on a cool application, often security is something you don't really want to spend that much time thinking about, which is why Layer 7 recently released an OAuth toolkit.
The Cloud Security Alliance Summit brought together a panel of security experts on February 27 in San Francisco to examine the threats posed by API and cloud-based computing. But rather than providing guidance on how to mitigate security risks they focused instead on the uncertain nature of security in an environment that is increasingly dominated by applications that use APIs to transfer data across the cloud.