Despite the fact that the costs associated with hacking and data breaches have arguably never been higher, recent API-related security incidents involving large companies, T-Mobile and Accenture, highlight the fact that basic API security best practices are still often not being adhered to.
The following is a list of ProgrammableWeb articles that matched your search term. On an nearly 24/7 basis, ProgrammableWeb publishes new articles ranging from news to opinion to tutorials for both developers and API providers. All of our articles are categorized in such a way that you can find your way to related articles, APIs, SDKs, Libraries, Frameworks, Tutorials and Sample Source Code. If you have an interest in contributing any of the aforementioned content to ProgrammableWeb, be sure to read our guidelines for such contributions.
OAuth Newbies can find it tricky initially. In this tutorial you’ll learn how to get started with OAuth 2.0 while avoiding all the fiddly parts around handling tokens. The folks over at Insomnia will show you how to authenticate an API client for the GitHub API with OAuth 2.0 and the Insomnia app.
APIMatic, SDK generator, announced that its SDKs now support OAuth 2.0. Prior to this announcement, there was minimal support for OAuth 2.0 only for authentication token headers within requests. Now, the company is moving forward with full support and continued development.
TeleSign has greatly enhanced the iOS SDK for its App Verify service. The SDK allows app developers to handle verification completely in the background without multiple steps required for an onboarding user. By simply entering a phone number, the app exchanges with the phone for verification.
There are three standard ways to manage API authentication these days: API keys, OAuth tokens and JSON Web tokens (JWT). Adam Duvander over at the Zapier engineering blog explains how and when to use them. The humble API key is the common and earliest form of API authentication.
Developers are often asked to add eSignature capabilities to apps they are building. DocuSigning contracts in digital document form is the common way to do this, but contracts can be executed by email, SMS, click-through, and more. This article shows you how this can be done with the PactSafe API.
Google's fast and scaleable API gateway, Google Cloud Endpoints, is now generally available. Cloud Endpoints is built upon the same services that Google uses to power internal APIs. Cloud Endpoints ensures APIs used within apps on the Google Cloud Platform are monitored and secure
Stormpath made a name for itself with its backend, REST API that provides registration and authentication. The REST API operates in the backend of an app. As serverless architecture grows in use, a need for a frontend registration and authentication services arose. Enter the Stormpath Client API.
Single Sign On is a mechanism that creates the feeling of a single ecosystem across multiple services for a user by sharing key elements of an identity. SSO can provide users with a better experience and can result in cost savings. This article looks at how Intuit implements OpenID 2.0 as their SSO.
How to Implement the Google Contacts API Version 3.0 in C# and ASP.NET with OAuth 2.0 API University
Google Contacts API gives client applications access to a user’s contacts list where the application can create new contacts, update or delete existing ones, or query for contacts that match particular criteria. This tutorial explains how to implement the API in C# and ASP.NET with OAuth 2.0.