Skip to main content
DI

Advanced API Security

Prabath Siriwardena

advancedAPI SecurityAuthenticationAuthorization

Advanced API Security

OAuth 2.0 and Beyond

by Prabath Siriwardena

4.1/5
Apress
2020
455 pages
ISBN: 978-1484220498
Buy on AmazonPublisher Site

Summary

Advanced API Security covers cutting-edge API security patterns including OAuth 2.0 extensions, OpenID Connect, UMA, token binding, and mutual TLS. It explores advanced topics like API gateways, service mesh security, and securing microservices architectures.

Why Read This Book

For teams that have outgrown basic OAuth and need to tackle advanced API security challenges in microservices, multi-tenant, and high-security environments.

Key Takeaways

  • Advanced OAuth 2.0 patterns and extensions
  • UMA (User-Managed Access) for fine-grained resource sharing
  • Token binding and proof-of-possession tokens
  • API gateway security patterns
  • Securing microservices with service mesh and mutual TLS

Who Should Read This

Senior engineers and architects designing API security for complex, distributed systems.

Senior API DevelopersSecurity ArchitectsPlatform Engineers

Frequently Asked Questions

What is "Advanced API Security" about?

Advanced API Security covers cutting-edge API security patterns including OAuth 2.0 extensions, OpenID Connect, UMA, token binding, and mutual TLS. It explores advanced topics like API gateways, service mesh security, and securing microservices architectures.

Who should read "Advanced API Security"?

Senior engineers and architects designing API security for complex, distributed systems.

What are the key takeaways from "Advanced API Security"?

Key takeaways include: Advanced OAuth 2.0 patterns and extensions; UMA (User-Managed Access) for fine-grained resource sharing; Token binding and proof-of-possession tokens.

Related Books

Browse all

API Security in Action

Neil Madden

API Security in Action

Neil Madden

4.7

API Security in Action teaches you how to create secure APIs for any situation. It covers authentication, authorization, audit logging, rate limiting, and encryption for REST, gRPC, and message-based APIs. The book uses practical Java examples but the principles apply to any language.

intermediateAPI SecurityAuthentication

OAuth 2 in Action

Justin Richer

OAuth 2 in Action

Justin Richer, Antonio Sanso

4.5

OAuth 2 in Action teaches you the practical use and deployment of OAuth 2 from the perspective of a client, authorization server, and resource server. You'll learn how to build an OAuth 2 ecosystem from scratch, understand the security implications, and implement it correctly in real-world scenarios.

intermediateAuthenticationAuthorization

OpenID Connect in Action

Prabath Siriwardena

OpenID Connect in Action

Prabath Siriwardena

4.3

OpenID Connect in Action provides a comprehensive, hands-on guide to the OpenID Connect protocol. It covers the core specification, discovery, dynamic registration, session management, and practical integration patterns for securing modern web and mobile applications.

intermediateAuthenticationAuthorization