API Security from Concepts to Components
This whitepaper describes the modern API security landscape and how to effectively leverage OAuth 2.0 and API gateways for authentication and authorization from both an infrastructure and software development mindset.
To date, most organizations have had hard boundaries between system administrators and their software development teams, where they occasionally interact, rarely coordinate, and never collaborate. While this concept has worked for decades, the assumptions, constraints, and requirements of software development have quickly changed as employees bring their own devices, partners connect in new and deeper ways, and customers expect smooth, consistent user experiences across every device. As the needs for collaboration between IT administrators and software developers - both internal and external - continue to grow, we need to reconsider the boundaries of our systems, expectations of users, and the security policies that protect both.