API-Security-Checklist
API security guide
A comprehensive checklist for designing and securing APIs.
Checklist of the most important security countermeasures when designing, testing, and releasing your API
23k stars
544 watching
3k forks
last commit: 12 months ago
Linked from 8 awesome lists
apijwtoauth2security
hack-with-github/awesome-hacking
kristories/awesome-guidelines
yosriady/awesome-api-devtools
marmelab/awesome-rest
stn1slv/awesome-integration
spacial/awesome-systools
gitcommitshow/awesome-authentication
netanmangal/awesome-hackingRelated projects:
| Repository | Description | Stars |
|---|---|---|
 gokul595/api_guard | Provides JWT-based authentication with token refreshing and blacklisting for Rails APIs | 276 |
 fallibleinc/security-guide-for-developers | A comprehensive security guide for developers to help create more secure systems | 20,950 |
 hakky54/mutual-tls-ssl | A tutorial project demonstrating a secure API setup with TLS/SSL authentication for Java-based web servers and clients. | 575 |
 gitguardian/apisecuritybestpractices | Resources to help developers keep sensitive information secret and mitigate potential security breaches | 1,923 |
 chrisbjr/api-guard | A package for authenticating RESTful APIs with API keys in Laravel | 691 |
 github/secure_headers | Manages application of security headers with safe defaults | 3,164 |
 dwyl/learn-json-web-tokens | This project teaches how to use JSON Web Tokens for authentication in web and mobile applications. | 4,180 |
 apiaryio/dredd | Tool for validating API implementations against their own documentation | 4,192 |
 auth0/jwt-decode | A library to decode and parse JSON web tokens | 3,226 |
 mrtolkien/fastapi_simple_security | Security package for FastAPI API key authentication with simple setup and administrator endpoints. | 335 |
 firebase/firebaseui-web | A JavaScript library providing simple, customizable UI bindings on top of Firebase SDKs for authentication and sign-in management. | 4,620 |
 blst-security/cherrybomb | A tool that audits and tests API specifications to prevent security errors and ensures APIs function as intended. | 1,163 |
 flipkart-incubator/astra | Automated testing framework for detecting vulnerabilities in REST APIs | 2,521 |
 enablesecurity/wafw00f | A tool to identify and fingerprint Web Application Firewalls. | 5,347 |
 tymondesigns/jwt-auth | Provides JSON Web Token-based authentication for Laravel and Lumen applications. | 11,330 |