Authored on: Jan 31, 2014
Download The application programming interface (API) is an emerging technology for integrating applications using Web technology. This approach is exploding in popularity because it builds on well-understood techniques and leverages some existing infrastructure. But it is a mistake to think we can secure APIs using the same methods and technology with which we secured the conventional, browser-centric Web. While it is true that APIs share many of the same threats that plague the Web, APIs are fundamentally different from Web sites and have an entirely unique risk profile that must be addressed.