Update June 2014: Stormpath now secures authentication to your API- without code!

At the Silicon Valley Java Users Group, our CTO Les Hazlewood gave a presentation on API Design. Since we get so many questions about API Security, we thought developers might want to see the excerpted section covering:

  • Sessions
  • Recommended authentication protocols
  • 401 vs 403 errors
  • API Keys
  • ID handling

Though the talk was given to a group of Java devs, it applies to anyone developing REST + JSON APIs. You can view the full one-hour talk on API Design on our YouTube Channel.