The Latest News On The API Economy
Searching: No Search Term , Filtered By Category: "Authentication"
Recent investigations show how users can be authenticated via web without using passwords. It’s called WebAuthn or Web Authentication that uses a Web API in a browser. Clients can be verified with their phones, hardware keys, or trusted devices. In his article, Nick Steele explains the new standards
Google is promoting the fact that beginning in Android P, developers have access to a BiometricPrompt API that allows them to integrate biometric authentication into their apps. The BiometricPrompt API only exposes strong biometric modalities, which are those that are less easily bypassed.
The W3C has announced a new web authentication standard that provides an API for accessing public key credentials. The standard, which is being referred to as WebAuthn, would allow users to log into websites without having to use passwords and instead use authorization gestures on their phones.
This article is part of a multi-part series about interesting APIs that were added to our directory during 2017. Security and Privacy APIs are covered in this segment. The APIs were chosen by our researchers, by popularity according to website traffic, and by mentions on social media.
This article is part of a multi-part series about interesting APIs that were added to our directory during 2017. App Development Tools and DevOps APIs are covered in this segment. The APIs were chosen by our researchers, by popularity according to website traffic, and by mentions on social media.
Dashlane and Google have (finally!) brought their OpenYOLO password manager to Android. The basic idea is to improve app adoption by smoothing over the login process. Developers can grab the code from GitHub and integrate the You Only Login Once tool with their mobile apps.
Despite the fact that the costs associated with hacking and data breaches have arguably never been higher, recent API-related security incidents involving large companies, T-Mobile and Accenture, highlight the fact that basic API security best practices are still often not being adhered to.
OAuth Newbies can find it tricky initially. In this tutorial you’ll learn how to get started with OAuth 2.0 while avoiding all the fiddly parts around handling tokens. The folks over at Insomnia will show you how to authenticate an API client for the GitHub API with OAuth 2.0 and the Insomnia app.
APIMatic, SDK generator, announced that its SDKs now support OAuth 2.0. Prior to this announcement, there was minimal support for OAuth 2.0 only for authentication token headers within requests. Now, the company is moving forward with full support and continued development.
TeleSign has greatly enhanced the iOS SDK for its App Verify service. The SDK allows app developers to handle verification completely in the background without multiple steps required for an onboarding user. By simply entering a phone number, the app exchanges with the phone for verification.
There are three standard ways to manage API authentication these days: API keys, OAuth tokens and JSON Web tokens (JWT). Adam Duvander over at the Zapier engineering blog explains how and when to use them. The humble API key is the common and earliest form of API authentication.
Developers are often asked to add eSignature capabilities to apps they are building. DocuSigning contracts in digital document form is the common way to do this, but contracts can be executed by email, SMS, click-through, and more. This article shows you how this can be done with the PactSafe API.
Google's fast and scaleable API gateway, Google Cloud Endpoints, is now generally available. Cloud Endpoints is built upon the same services that Google uses to power internal APIs. Cloud Endpoints ensures APIs used within apps on the Google Cloud Platform are monitored and secure
Stormpath made a name for itself with its backend, REST API that provides registration and authentication. The REST API operates in the backend of an app. As serverless architecture grows in use, a need for a frontend registration and authentication services arose. Enter the Stormpath Client API.
Single Sign On is a mechanism that creates the feeling of a single ecosystem across multiple services for a user by sharing key elements of an identity. SSO can provide users with a better experience and can result in cost savings. This article looks at how Intuit implements OpenID 2.0 as their SSO.
How to Implement the Google Contacts API Version 3.0 in C# and ASP.NET with OAuth 2.0 API University
Google Contacts API gives client applications access to a user’s contacts list where the application can create new contacts, update or delete existing ones, or query for contacts that match particular criteria. This tutorial explains how to implement the API in C# and ASP.NET with OAuth 2.0.
Dashlane and Google want to simplify security and authentication on Android devices and have an API to do it. App developers can use the new Open YOLO API to access the credentials stored in password managers to log users into apps and services. The idea here is to improve security.
Twilio has launched the Message Feedback API which monitors when end users receive messages. The API tracks actions that indicate when a message was received and reports the action back to Twilio. In turn, Twilio can tweak its services and delivery to adjust for network variances across the globe.
Seventeen APIs have been added to the ProgrammableWeb directory in categories including Financial, Art, and Authentication. One highlight is the ReviewTrust API, which enables developers to add confirmation of valid reviews and ratings about products for their users. Here's a look at what's new.
Microsoft’s ASP.NET Web API simplifies the process of building platform-agnostic RESTful HTTP services. The service’s portability makes it a useful tool, and in this tutorial on DeveloperHandbook.com, Jon Preece shows followers how to build a RESTful API using Web API and JWT.