It's a common question: “why can’t I send JWTs without OAuth?” JWT is a powerful encoding format, but requires OAuth to be a complete solution. Used alone, your API is not secure.| Nordic APIs
API Keys are not security. By design they lack granular control, and there are many vulnerabilities at stake: applications that contain keys can be decompiled to extract keys, or deobfuscated from on-device storage, plaintext files can be stolen for unapproved use, and password managers are susceptible to security risks as with any application. In this piece we outline the disadvantages of solely relying on API keys to secure the proper access to your data.| Nordic APIs
There are a few different ways to implement pagination in your APIs. We cover everything you need to know about API pagination.| Nordic APIs
A comprehensive free SSL test for your public web servers.| www.ssllabs.com
Design, photography and code by Hang Do Thi Duc.| 22-8miles.com
OWASP API Security Project on the main website for The OWASP Foundation. OWASP is a nonprofit foundation that works to improve the security of software.| owasp.org
