Any API needs to fulfill its responsibilities, such as gathering, structuring, delivering and securing data. But this is not enough to make the API really desirable for API consumers. What are the desirable properties of APIs? Desirability can be regarded
SOAP API Style
SOAP follows the RPC API style and exposes procedures as central concepts. It is standardized by the W3C and is the most widely used protocol for web services. SOAP-style APIs and architectures are in widespread use, however, typically only
RPC API Style
RPC is an abbreviation for “Remote Procedure Call”. It is an API style for distributed systems. It has been around since the 1980s. Today the most widely used RPC styles are JSON-RPC and XML-RPC. Even SOAP can be considered to follow
The 10 most critical API security risks – Part 7: Security Misconfiguration
The recently published “OWASP API security top 10” report analyzes the anti-patterns that lead to vulnerabilities and security risks in APIs. In this 10-part series, we introduce these API anti-patterns. Every API professional should know about these anti-patterns. In
Falcor API Style – merging all your data models
Falcor is an API style that is similar to GraphQL. It introduces a virtual layer that can be used to map frontend requests to backend services. It is maintained by Netflix. The basic idea of the Falcor API Style is
The 10 most critical API security risks – Part 6: Mass Assignment
The recently published “OWASP API security top 10” report analyzes the anti-patterns that lead to vulnerabilities and security risks in APIs. In this 10-part series, we introduce these API anti-patterns. Every API professional should know about these anti-patterns. API
The 10 most critical API security risks – Part 5: Broken Function-Level Authorization
The recently published “OWASP API security top 10” report analyzes the anti-patterns that lead to vulnerabilities and security risks in APIs. In this 10-part series, we introduce these API anti-patterns. Every API professional should know about these anti-patterns. API
Is the API-key enough? API security issues and their fix
It can be seen over and over again: An API-key is directly embedded in the source code of an app. The most recent incident as of February 2020 is the Iowa caucus app, which contained an API-key right inside the
The 10 most critical API security risks – Part 4: Lack of Resources & Rate Limiting
The recently published “OWASP API security top 10” report analyzes the anti-patterns that lead to vulnerabilities and security risks in APIs. In this 10-part series, we introduce these API anti-patterns. Every API professional should know about these anti-patterns. API
The 10 most critical API security risks – Part 3: Excessive Data Exposure
The recently published “OWASP API security top 10” report analyzes the anti-patterns that lead to vulnerabilities and security risks in APIs. In this 10-part series, we introduce these API anti-patterns. Every API professional should know about these anti-patterns. API