Update June 2014: Stormpath now secures authentication to your API- without code!
At the Silicon Valley Java Users Group, our CTO Les Hazlewood gave a presentation on API Design. Since we get so many questions about API Security, I thought developers might want to see the excerpted section covering:
- Recommended authentication protocols
- 401 vs 403 errors
- API Keys
- ID handling
Though the talk was given to a group of Java devs, it applies to anyone developing REST + JSON APIs. You can view the full one-hour talk on API Design on our YouTube Channel.
Here’s the 15-minute coffee-break video on API security: