At the Silicon Valley Java Users Group, our CTO Les Hazlewood gave a presentation on API Design. Since we get so many questions about API Security, I thought developers might want to see the excerpted section covering:

  • Sessions
  • Recommended authentication protocols
  • 401 vs 403 errors
  • API Keys
  • ID handling

Though the talk was given to a group of Java devs, it applies to anyone developing REST + JSON APIs. You can view the full one-hour talk on API Design on our YouTube Channel. 

Here’s the 15-minute coffee-break video on API security:

Get Started with Stormpath

User Management API for Developers