This is first part of ProgrammableWeb’s series on Understanding the Realities of API Security based on testimony by ProgrammableWeb’s editor-in-chief David Berlind to the ONC’s API Security and Privacy Task Force. This part looks at how the external availability of APIs can impact their security.
As part of an effort to make application integration more secure, MuleSoft announced that it has inked an alliance with Ping Identity to enable developers to more easily leverage PingFederate as an Open Authorization (OAuth) provider from within the MuleSoft Anypoint integration platform.
Google is making it even easier for developers wishing to implement OpenID with the OAuth. Google has announced that developers can now utilize a "Hybrid Protocol" that combines the OpenID federated login with the OAuth authorization process. The new OpenID OAuth extension makes it easier for developers to implement OAuth through initial authentication using OpenID. According to Yariv Adan on the Google Data APIs Blog: