Madden N. API Security in Action

Manning Publications, 2020. — 535 p.MEAP Version 10.API Security in Action shows you how to create secure web APIs that you can confidently share with your business partners and expose for public usage. Security expert Neil Madden takes you under the hood of modern API security concepts, including token-based authentication for flexible multi-user security, bootstrapping a secure environment in a Kubernetes microservices architecture, and using lightweight cryptography to secure an IoT device. Chapter-by-chapter, you’ll build new layers of security onto a basic social network API, mastering techniques to protect against increasingly complex threat models and hostile environments. When you’re done, you’ll have the practical skills to design and implement APIs that are safe from most common attacks and are ready for the threats of tomorrow.The react roadmap
What is API security?
Secure API development
Securing the Natter API
Securing rest APIS
Session cookie authentication
Modern token-based authentication
Self-contained tokens and JWTs
OAuth2 and OpenID Connect
Identity-based access control
Capability-based security and Macaroons
Securing microservice apis in kubernetes
Microservice APIs in Kubernetes
Securing service-to-service apis
Securing internet of things apis
Securing IoT communications
Securing IoT APIsSetting up Java and Maven
Setting up Kubernetes