API Security

Best Practices

• Use HTTPS
• Use OAuth2
• Use WebAuthn
• Use Leveled API Keys
• Authorization
• Rate Limiting
• API Versioning
• Whitelisting
• Check OWASP API Security Risks
• Use API Gateway
• Error Handling
• Input Validation