We here at ProgrammableWeb see a lot of APIs. Many of them are pretty secure, and some sadly are not. So, what makes an API secure? Well, I'm glad you asked. There are a lot of things one can do to improve the security of an API. Below I'll outline three simple practices that make up a good start for a secure API.
On the heels of recent research that indicates rampant secret leaks in public repositories, GitLab has included a new check feature in its 11.9 release. The new check, secret detection, scans repository contents for API keys and other data that should be treated as secret by the user.