The Latest News On The API Economy
Searching: No Search Term , Filtered By Category: "Authentication", Category: "Authorization", Category: "Verification"
Recent investigations show how users can be authenticated via web without using passwords. It’s called WebAuthn or Web Authentication that uses a Web API in a browser. Clients can be verified with their phones, hardware keys, or trusted devices. In his article, Nick Steele explains the new standards
Twelve APIs have been added to the ProgrammableWeb directory in categories including Telephony, Verification, and Artificial Intelligence. Featured today is a 'forecast-as-a-service' API and an API that converts almost any file to PDF. Here's a rundown of the latest additions.
Google is promoting the fact that beginning in Android P, developers have access to a BiometricPrompt API that allows them to integrate biometric authentication into their apps. The BiometricPrompt API only exposes strong biometric modalities, which are those that are less easily bypassed.
Seventeen APIs have been added to the ProgrammableWeb directory in categories including Banking, Cryptocurrency and Mapping. Featured are APIs from FollowAnalytics for mobile app engagement services, and APIs from PelicanPay for compliant banking. Here's a rundown of the latest additions.
The W3C has announced a new web authentication standard that provides an API for accessing public key credentials. The standard, which is being referred to as WebAuthn, would allow users to log into websites without having to use passwords and instead use authorization gestures on their phones.
Turn Technologies recently announced an identity verification and mass payments platform through its Turn API. The identity verification platform searches more than 100 billion records across 10,000 databases in less than 10 seconds. Same day, mass payments are connected to 400 million US accounts.
This article is part of a multi-part series about interesting APIs that were added to our directory during 2017. Security and Privacy APIs are covered in this segment. The APIs were chosen by our researchers, by popularity according to website traffic, and by mentions on social media.
This article is part of a multi-part series about interesting APIs that were added to our directory during 2017. App Development Tools and DevOps APIs are covered in this segment. The APIs were chosen by our researchers, by popularity according to website traffic, and by mentions on social media.
BioID has enhanced its biometrics as a service portfolio with the launch of its PhotoVerify API. Part of the BioID Web Services suite, the PhotoVerify API compares a live image against a photo ID to verify identity. The API approach lowers time and cost associated with advanced identification.
Dashlane and Google have (finally!) brought their OpenYOLO password manager to Android. The basic idea is to improve app adoption by smoothing over the login process. Developers can grab the code from GitHub and integrate the You Only Login Once tool with their mobile apps.
Despite the fact that the costs associated with hacking and data breaches have arguably never been higher, recent API-related security incidents involving large companies, T-Mobile and Accenture, highlight the fact that basic API security best practices are still often not being adhered to.
OAuth Newbies can find it tricky initially. In this tutorial you’ll learn how to get started with OAuth 2.0 while avoiding all the fiddly parts around handling tokens. The folks over at Insomnia will show you how to authenticate an API client for the GitHub API with OAuth 2.0 and the Insomnia app.
APIMatic, SDK generator, announced that its SDKs now support OAuth 2.0. Prior to this announcement, there was minimal support for OAuth 2.0 only for authentication token headers within requests. Now, the company is moving forward with full support and continued development.
Mailgun added a slew of new features to its email validation API including target mailbox validation, role-based address check, disposable mailbox, reporting, and rate limits. Additionally, Mailgun added the API under its existing SLA and has transitioned to a tiered, usage-based pricing model.
TeleSign has greatly enhanced the iOS SDK for its App Verify service. The SDK allows app developers to handle verification completely in the background without multiple steps required for an onboarding user. By simply entering a phone number, the app exchanges with the phone for verification.
There are three standard ways to manage API authentication these days: API keys, OAuth tokens and JSON Web tokens (JWT). Adam Duvander over at the Zapier engineering blog explains how and when to use them. The humble API key is the common and earliest form of API authentication.
Developers are often asked to add eSignature capabilities to apps they are building. DocuSigning contracts in digital document form is the common way to do this, but contracts can be executed by email, SMS, click-through, and more. This article shows you how this can be done with the PactSafe API.
Google's fast and scaleable API gateway, Google Cloud Endpoints, is now generally available. Cloud Endpoints is built upon the same services that Google uses to power internal APIs. Cloud Endpoints ensures APIs used within apps on the Google Cloud Platform are monitored and secure
Stormpath made a name for itself with its backend, REST API that provides registration and authentication. The REST API operates in the backend of an app. As serverless architecture grows in use, a need for a frontend registration and authentication services arose. Enter the Stormpath Client API.
Single Sign On is a mechanism that creates the feeling of a single ecosystem across multiple services for a user by sharing key elements of an identity. SSO can provide users with a better experience and can result in cost savings. This article looks at how Intuit implements OpenID 2.0 as their SSO.