API Security 101

cookie is not suitable.

A problem of API Authorization

Past - XML, SOAP, SAML. WS-*.

Combine this data on the internet of things

XML was too verbose. Early mobile devices had query string length limitations on.

Present - JSON, HTTP APIs, Oauth & Open API connect.

Authentication: is the process of verify identify. - user name and password.

Authorization: is someone is allowed to do. - access to do

---

• Previous
  What's in my bag
• Next
  Book review: A philosophy of software design (From Ch.5 to Ch.10)

---