Dear Geek,

We are building an API and I am confused as to what kind of security we need? There are so many out there being used ( OAuth 1.0a, OAuth 2.0, SAML, username/password, API Key, JWT, and plenty of others) and I am not sure what the best practices are for implementing API authentication. What advice to you have?

• OVERWHELMED BY SECURITY OPTIONS

Dear Overwhelmed,

There really are a lot of options for security when designing and architecting APIs, but I can help you narrow down things and point you to some best practices for API authentication!

#security #integration #oauth #api security #api key