Chapter 3. Security Architecture

A good approach for an API security architecture combines the principle of separation of concerns with open standards. This way, the security architecture can scale and mature over time and you can extend it with additional functions or services when needed.

This chapter introduces a cloud native security architecture for APIs that combines identity management, API management and entitlement management with the help of the OAuth 2.0 protocol. It provides a conceptual overview of the components involved and what you need to consider when implementing API security in a cloud native environment.

What is an API Security Architecture?

An API security architecture describes the techniques that protect APIs. In a nutshell, it defines how to secure access to APIs and the data they expose. As with buildings, you need a good foundation for building an architecture. Even ...

Get Cloud Native Data Security with OAuth now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Cloud Native Data Security with OAuth by Gary Archer, Judith Kahrer, Michał Trojanowski

Chapter 3. Security Architecture

What is an API Security Architecture?

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly