The Latest News On The API Economy
Searching: No Search Term , Filtered By Category: "Authentication"
Dashlane and Google have (finally!) brought their OpenYOLO password manager to Android. The basic idea is to improve app adoption by smoothing over the login process. Developers can grab the code from GitHub and integrate the You Only Login Once tool with their mobile apps.
Despite the fact that the costs associated with hacking and data breaches have arguably never been higher, recent API-related security incidents involving large companies, T-Mobile and Accenture, highlight the fact that basic API security best practices are still often not being adhered to.
OAuth Newbies can find it tricky initially. In this tutorial you’ll learn how to get started with OAuth 2.0 while avoiding all the fiddly parts around handling tokens. The folks over at Insomnia will show you how to authenticate an API client for the GitHub API with OAuth 2.0 and the Insomnia app.
APIMatic, SDK generator, announced that its SDKs now support OAuth 2.0. Prior to this announcement, there was minimal support for OAuth 2.0 only for authentication token headers within requests. Now, the company is moving forward with full support and continued development.
TeleSign has greatly enhanced the iOS SDK for its App Verify service. The SDK allows app developers to handle verification completely in the background without multiple steps required for an onboarding user. By simply entering a phone number, the app exchanges with the phone for verification.
There are three standard ways to manage API authentication these days: API keys, OAuth tokens and JSON Web tokens (JWT). Adam Duvander over at the Zapier engineering blog explains how and when to use them. The humble API key is the common and earliest form of API authentication.
Developers are often asked to add eSignature capabilities to apps they are building. DocuSigning contracts in digital document form is the common way to do this, but contracts can be executed by email, SMS, click-through, and more. This article shows you how this can be done with the PactSafe API.
Google's fast and scaleable API gateway, Google Cloud Endpoints, is now generally available. Cloud Endpoints is built upon the same services that Google uses to power internal APIs. Cloud Endpoints ensures APIs used within apps on the Google Cloud Platform are monitored and secure
Stormpath made a name for itself with its backend, REST API that provides registration and authentication. The REST API operates in the backend of an app. As serverless architecture grows in use, a need for a frontend registration and authentication services arose. Enter the Stormpath Client API.
Single Sign On is a mechanism that creates the feeling of a single ecosystem across multiple services for a user by sharing key elements of an identity. SSO can provide users with a better experience and can result in cost savings. This article looks at how Intuit implements OpenID 2.0 as their SSO.
How to Implement the Google Contacts API Version 3.0 in C# and ASP.NET with OAuth 2.0 API University
Google Contacts API gives client applications access to a user’s contacts list where the application can create new contacts, update or delete existing ones, or query for contacts that match particular criteria. This tutorial explains how to implement the API in C# and ASP.NET with OAuth 2.0.
Dashlane and Google want to simplify security and authentication on Android devices and have an API to do it. App developers can use the new Open YOLO API to access the credentials stored in password managers to log users into apps and services. The idea here is to improve security.
Twilio has launched the Message Feedback API which monitors when end users receive messages. The API tracks actions that indicate when a message was received and reports the action back to Twilio. In turn, Twilio can tweak its services and delivery to adjust for network variances across the globe.
Seventeen APIs have been added to the ProgrammableWeb directory in categories including Financial, Art, and Authentication. One highlight is the ReviewTrust API, which enables developers to add confirmation of valid reviews and ratings about products for their users. Here's a look at what's new.
Microsoft’s ASP.NET Web API simplifies the process of building platform-agnostic RESTful HTTP services. The service’s portability makes it a useful tool, and in this tutorial on DeveloperHandbook.com, Jon Preece shows followers how to build a RESTful API using Web API and JWT.
The latest beta release of Chrome includes support for W3C's Credential Management API. The API allows developers to store and sync sign-in information with a browser's credential manager. Chrome support and integration should cut down on the number of sign-ins required by a user while browsing.
Google is asking developers to update their apps with the latest Android APIs and authentication protocols as it retires some functionality and leaves obsolete tools in the dust. In particular, the Bind_Listener API for Android Wear is being deprecated and OAuth 1.0 is being retired.
Spotify’s music streaming service provides ‘music for everyone’ in a way that has spawned dozens of related applications through Spotify API integration. In this tutorial, Jon Kaufman shows followers how to authenticate to Spotify’s web API from a React and React-Router app.
Two security researchers discovered insecure, authentication-less APIs that made the world's best-selling electric car, the Nissan LEAF, vulnerable to hackers who could obtain private information about a vehicle's operations and travels and even control key vehicle functions.
If your app uses OAuth as a means of authentication, you are likely storing users' OAuth tokens in a database. To maintain the secrecy of these tokens, you can use encryption both in transit and at rest. This article shows how SecureDB can encrypt OAuth tokens in a matter of minutes.