API Evangelist Partners

These are my partners who invest in API Evangelist each month, helping underwrite my research, and making sure I'm able to keep monitoring the API space as I do.


Streamdata is a software vendor making real-time data accessible to all by operating a proxy turning request / response APIs into feeds of real-time events.


Uptrends is the ultimate monitoring tool to stay in control of the uptime, performance, and functionality of your websites, APIs, and servers.


3scale makes it easy to open, secure, distribute, control and monetize APIs, that is built with performance, customer control and excellent time-to-value in mind.

API Authentication News

These are the news items I've curated in my monitoring of the API space that have some relevance to the API autehtnication conversation and I wanted to include in my research. I'm using all of these links to better understand how the space is testing their APIs, going beyond just monitoring and understand the details of each request and response.

Title Source Visit
Stop using JWT for sessions (2016) (cryto.net) (2018-11-04) cryto.net
Laravel 5.7 — API authentification with Laravel Passport (2018-10-29) medium.com
How to Use Refresh Tokens (2018-10-28) medium.com
Novice Guide to Securing API and Firebase Key in Create (2018-10-28) medium.com
Security Tokens 2.0: About On (2018-10-11) medium.com
Token Based Authentication API in Rails with the help of JWT and Knock (2018-09-20) medium.com
Allowing Users to Get Their Own OAuth Tokens for Accessing an API (2018-09-08) dzone.com
Adding Authentication to Your HTTP Triggered Azure Functions (2018-09-07) dzone.com
The practical guide for Building REST API in Nodejs and MongoDB include Passport and JWT (2018-09-02) medium.com
Using cURL to authenticate with JWT Bearer tokens (2018-08-29) medium.com
What is WebAuthn? (2018-08-29) duo.com
JSON Web Tokens (JWTs), what they are and if you should use them (2018-08-29) medium.com
Instagram Bids to Boost Transparency and 2FA (2018-08-29) www.infosecurity-magazine.com
Identity Verification API Inspires Food Security Innovation at AngelHack San Francisco (2018-08-28) medium.com
The History of Biometric Authentication (2018-08-28) duo.com
How Does HTTP Basic Authentication Work in Spring Security? (2018-08-22) dzone.com
React OAuth Authentication with Firebase (2018-08-08) medium.com
OAuth 2.0 Authorization Code Grant (2018-08-08) dzone.com
Filestack Tutorials: Setup OAuth for Dropbox (2018-07-25) blog.filestack.com
How to Implement Spring Security With OAuth2 (2018-07-23) dzone.com
Create Your Own Google Drive OAuth Application (2018-07-18) blog.filestack.com
Understanding AWS Cognito User and Identity Pools for Serverless Apps (2018-07-12) thenewstack.io
Multi (2018-07-11) dzone.com
New Gluu IAM products! (2018-07-03) www.gluu.org
Session vs Token Based Authentication (2018-06-30) medium.com
Tool: How to set up an API Key on Huobi (2018-06-29) medium.com
Configure an External Identity Provider for Single Sign (2018-06-29) dzone.com
The Importance of Multi (2018-06-29) www.sparkpost.com
Tool: How to set up an API Key on KuCoin (2018-06-28) medium.com
The supplied authentication is invalid (2018-06-27) medium.com
Auth Headers vs JWT vs Sessions — How to Choose the Right Auth Technique for APIs (2018-06-18) medium.com
How to Integrate Salesforce as the Identity Provider of WSO2 API Manager for Single Sign (2018-06-03) dzone.com
Authentication and authorization with AWS AppSync (2018-06-01) medium.com
Old OAuth plugin leaves a number of companies at risk (2018-06-01) sdtimes.com
Identity as a Service (IDaaS)  (2018-05-30) medium.com
Laravel 5.6 Custom Token Base API Authentication (2018-05-26) medium.com
Faster and more reliable auth: moving away from Authentication as a Service (AaaS) (2018-05-25) medium.com
Okta Offers Devs Free Tool to Set Up Multifactor Authentication (2018-05-24) www.ecommercetimes.com
Risk is Reality: Our Take on the Recent Auth0 Vulnerability (2018-05-23) www.forumsys.com
Oktane18: Okta makes authentication API free for apps and websites (2018-05-23) itbrief.co.nz
Okta introduces ‘Sign in with Okta’ service (2018-05-23) techcrunch.com
Remembering OpenID (2018-05-08) bavatuesdays.com
Auth Claims to Go (2018-05-05) medium.com
A crash course on securing Serverless APIs with JSON web tokens (2018-05-03) medium.com
Implementing JWT Authentication to your API Platform application (2018-04-28) medium.com
Getting Access Token for Microsoft Graph Using OAuth REST API, Part 3 (2018-04-13) dzone.com
Implement Secure Microservices With Spring Security and OAuth 2.0 (2018-04-13) dzone.com
A Cognito Protected Serverless API with Golang in Minutes (2018-04-12) medium.com
Farsight Security Announces DNSDB API Key Portability Program (2018-04-09) globenewswire.com
ASP.NET Core Two Factor Authentication Using Google Authenticator (2018-04-03) dzone.com
Securing APIS with JSON Web Tokens and an API Gateway (2018-03-26) medium.com
Implementing a Custom OAuth Policy in Mule (2018-03-23) dzone.com
JSON Web Tokens (2018-03-23) jwt.io
An Overview of Security Tokens (2018-03-22) medium.com
Single Sign (2018-03-19) developers.redhat.com
Use JWT (JWS) for authenticate (2018-03-17) medium.com
How your trading API keys can be used to drain your funds (2018-03-09) medium.com
Single Sign (2018-03-09) thenewstack.io
Using JWT for Sessions (2018-03-09) dzone.com
3scale ActiveDocs and OAuth 2.0 (2018-03-09) developers.redhat.com
Conditional Access Control with Microsoft Azure Active Directory (2018-03-08) www.nginx.com
Authentication with JWT in Rails API (2018-03-08) medium.com
Vault Integration Using Kubernetes Authentication Method (2018-03-06) blog.openshift.com
3scale by Red Hat API and Identity Management Series (2018-03-06) developers.redhat.com
Secure Access to 100 AWS Accounts (2018-03-06) segment.com
Cache OAuth 2 in Spring With Redis (2018-03-05) dzone.com
Authentication and Content (2018-03-02) www.nginx.com
Open Auth Standards: Your Secret to Success With the PSD2 Initiative (2018-03-02) auth0.com
Protocol OAuth2: let’s play with Doorkeeper & Omniauth/OAuth2. (2018-03-01) medium.com
JSON Web Tokens With Spring Cloud Microservices (2018-02-23) dzone.com
Microservices Authentication and Authorization Using API Gateway (2018-02-23) dzone.com
Instagram authentication with Flutter (2018-02-22) medium.com
Secure Spring REST With Spring Security and OAuth2 (2018-02-22) dzone.com
3Scale integration with ForgeRock using OpenID Connect (2018-02-22) medium.com
Stateless Authentication With JSON Web Tokens (2018-02-21) dzone.com
Microsoft’s Building on the Blockchain to Manage Digital Identities (2018-02-21) medium.com
An OAuth2 Grant Selection Decision Tree for Securing REST APIs (2018-02-20) dzone.com
Authentication and authorization of Pipeline users with OAuth2 and Vault · Banzai Cloud (2018-02-18) banzaicloud.com
An OAuth2 Grant Selection Decision Tree for Securing REST APIs (2018-02-17) medium.com
NTT DOCOMO Implements Authlete Solution for API Security (2018-02-15) mobileidworld.com
How to *securely* use SMS two (2018-02-15) www.gluu.org
NTT Docomo deploys Authlete's web API access (2018-02-15) www.telecompaper.com
How to enable SAML authentication in Kibana and Elasticsearch (2018-02-14) www.elastic.co
Trulioo Is An API Gateway To Digital Identity Verification (2018-02-14) www.benzinga.com
AWS Cognito User Pool Access Token Invalidation (2018-02-13) dzone.com
Simple authentication service with AWS Lambda (2018-02-08) medium.com
REST — Token based authentication (jwt) (2018-02-07) medium.com
Secure Your Vert.x Server With Single Sign (2018-02-06) dzone.com
PSD2: Strong Customer Authentication (2018-01-14) stripe.com
Abusing Aadhaar authentication API services (2018-01-11) medium.com
VueJS Route Security and Authentication (2018-01-04) medium.com
Serverless with AWS Cognito: Facebook login integration (2018-01-01) medium.com
How to use JWT with Salesforce API? (2017-12-31) medium.com
Tokens based authentication (2017-12-31) medium.com
Create REST API in Laravel with authentication using Passport (2017-12-29) medium.com
Why Every Business Needs Two (2017-12-29) auth0.com
Authentication Provider Best Practices: Centralized Login (2017-12-25) dzone.com
Twitter Expands 2FA Options to Third (2017-12-21) www.infosecurity-magazine.com
Twitter now supports 2 (2017-12-20) thenextweb.com
Twitter adds more verification options for two (2017-12-20) www.theverge.com
Twitter adds support for app (2017-12-20) techcrunch.com
The Illustrated Guide to Google OAuth With Temboo (2017-12-15) dzone.com
Why Your IAM's Definition Of “User” Could Be Costing You Millions (2017-12-15) auth0.com
Using Gmail with OAUTH2 in Linux and on an ESP8266 (2017-12-14) hackaday.com
Authentication Provider Best Practices: Centralized Login (2017-12-12) auth0.com
The importance of OAuth 2.0 (2017-12-10) sdtimes.com
Azure App Service Custom Authentication (2017-12-09) medium.com
Securing .NET Core 2.0 Applications with JWTs (2017-12-07) auth0.com
How to Get Scopes Related with an Application Based on Subscribed APIs in WSO2 API Manager 2.1.0? (2017-12-06) medium.com
Enabling Two (2017-12-05) dzone.com
Kong meets Auth0 · Scaleout Ninja (2017-12-05) medium.com
How to Improve OAuth Security With HMAC Validation (2017-12-05) dzone.com
Credential Management API (2017-12-01) medium.com
Web Authentication: What It Is and What It Means for Passwords (2017-12-01) duo.com
OAuth with PHP, Part One: getting access tokens. (2017-11-30) medium.com
Introducing 0x Connect (2017-11-29) medium.com
Facebook uses selfies as login authentication for suspicious activity (2017-11-29) www.theverge.com
Build a Secure SPA With Spring Boot and OAuth (2017-11-27) dzone.com
Single Sign On: Feature or Threat? (2017-11-27) jask.ai
Going Serverless with AWS — Serverless User Authentication — Part 3 (2017-11-26) medium.com
Building Your First Crystal Web App and Authenticating With JWTs, Part 2 (2017-11-23) dzone.com
OAuth2 Configuration in 3Scale API Management (and APICast) with Red Hat SSO (2017-11-22) medium.com
2FA — Two Factor Antiquated (2017-11-22) medium.com
Applications for Tarantool, Part 2: OAuth 2 Authorization via Facebook (2017-11-17) dzone.com
Webpack Set API Keys Depending On Environment (2017-11-16) medium.com
B2B Authentication Solution for APIs using AWS Cognito UserPools (2017-11-16) medium.com
Secure Your Node.js Website With OpenID Connect (2017-11-15) dzone.com
Who Am I? Best Practices for Next (2017-11-15) www.darkreading.com
Why Can’t I Just Send JWTs Without OAuth? (2017-11-14) nordicapis.com
Securing Golang API using Json Web Token (JWT) (2017-11-13) medium.com
Secure your Spring Boot API with JSON Web Tokens (2017-11-12) medium.com
Less Than One (2017-11-07) www.darkreading.com
State of the Auth: Experiences and Perceptions of Multi (2017-11-07) duo.com
Implementing Authenticated Identity with Trusted Key and Auth0 (2017-11-06) auth0.com
Postman makes authorization stronger and easier (2017-11-03) blog.getpostman.com
The Developer (2017-11-01) zapier.com
How to Keep Your API Keys Safe (2017-11-01) skillsmatter.com
Authentication Using JSON Web Tokens (2017-11-01) medium.com
How do you authenticate, mate? (2017-10-31) medium.com
Docker Authentication with Keycloak (2017-10-31) developers.redhat.com
3scale API Management Simplifies OpenID Connect Integration (2017-10-26) developers.redhat.com
API Keys versus OAuth (2017-10-25) apifriends.com
How to securely store API keys (2017-10-25) medium.com
Daptin walk through: oauth2, google drive, subsites and grapejs (2017-10-24) medium.com
Leave legacy authentication behind and rebuild trust (2017-10-24) www.ca.com
Adding OAuth2 to Mobile Android and iOS Clients Using the AppAuth SDK (2017-10-24) medium.com
Building a simple token based Authorization API with Rails. (2017-10-23) medium.com
Should You Make Your Users Log In? (2017-10-23) auth0.com
New Architecture of OAuth 2.0 and OpenID Connect Implementation (2017-10-22) medium.com
OAuth 2.0 Best Practices for Native Apps (2017-10-19) auth0.com
OpenID Connect Identity Brokering with Red Hat Single Sign (2017-10-18) developers.redhat.com
Facebook Authorization in a React App (2017-10-16) medium.com
The Return of Authorization (2017-10-16) medium.com
Secure Spring Boot REST API using Basic Authentication (2017-10-13) medium.com
JSON web token based authentication in Django (2017-10-13) medium.com
Email Authentication 101 (2017-10-13) admin.dyn.com
Consolidating Multiple Identity Sources with Auth0 (2017-10-12) auth0.com
The Beer Drinker’s Guide to SAML (2017-10-12) duo.com
Google Token Authentication with Laravel (2017-10-11) medium.com
Using Cloud Functions for a Managed REST API with API Key Access (2017-10-09) medium.com
Build Personalized Marketing With Identity Management (2017-10-09) auth0.com
Enhancing Productivity With Identity and Access Management (2017-10-06) auth0.com
White House wants to end Social Security numbers as a national ID (2017-10-03) arstechnica.com
SAP to Acquire Gigya: What's Next for Identity Management? (2017-10-02) auth0.com
Google plans to upgrade two (2017-09-29) www.theverge.com
DreamFactory 2.9 adds AD SSO, GitHub, and GitLab (2017-09-24) blog.dreamfactory.com
You can now use two (2017-09-23) www.theverge.com
Add Authentication and Billing to Your API on AWS [Tutorial] (2017-09-22) blog.rapidapi.com
Okta Wants to Be an Identity Service for Developers (2017-09-20) thenewstack.io
Secure (and usable) multi (2017-09-19) www.datadoghq.com
This is why you shouldn’t use texts for two (2017-09-18) www.theverge.com
How To Submit Your Security Tokens to an API Provider, Pt. 2 (2017-09-16) medium.com
Building Account Systems (2017-09-15) auth0.com
Instagram API —Authentication using Swift (2017-09-14) medium.com
Add Authentication and Billing for Your API on Heroku [Tutorial] (2017-09-13) medium.com
Adding FullContact to your Auth Process For Profile Enhancement (2017-09-13) auth0.com
Authentication as a Service, an honest review of Auth0 (2017-09-11) medium.com
Please stop calling SMS codes “two (2017-09-10) medium.com
Cloud Auth (2017-09-08) duo.com
Why You Should Not Manage Your Users' Identities (2017-09-06) auth0.com
USER MANAGED ACCESS 2.0 (2017-09-03) medium.com
You shouldn't use your phone number for 2 (2017-09-01) www.businessinsider.com
Session Hijacking Bug Exposed GitLab Users Private Tokens (2017-08-31) kasperskycontenthub.com
Solving the Identity Crisis with Username Aliases (2017-08-31) duo.com
Authentication of DocFinder using Auth APIs (2017-08-29) medium.com
Authentication of DocFinder using Auth APIs (2017-08-29) medium.com
login.gov (2017-08-24) login.gov
GitHub (2017-08-24) github.com
Using JSON Web Tokens with CUWebAuth (2017-08-21) medium.com
Secure web services using JWT and Slim Framework (2017-08-18) medium.com
Open States API Keys (2017-08-17) medium.com
Integrating PicketLink with OKTA for SAML based SSO (2017-08-17) developers.redhat.com
Tutorial 5: How to Build a Laravel 5.4 JWT Authentication API with E (2017-08-14) medium.com
API Protection Requires Both User and App Authentication (2017-08-14) medium.com
Integrating Audience with Single Sign (2017-08-10) support.brightcove.com
Overview: OAuth API v4 (2017-08-10) support.brightcove.com
Implementing JWT Authentication on Spring Boot APIs (2017-08-10) auth0.com
Introducing mobile prompts for two (2017-08-10) blogs.dropbox.com
Implementing JWT Authentication on Spring Boot APIs (2017-08-10) medium.com
Ionic Framework: Getting Started (2017-08-08) auth0.com
Create a Drupal Site and Add Authentication with Auth0 (2017-08-02) auth0.com
Tutorial 4: How to Build a Laravel 5.4 JWT (2017-08-01) medium.com
Login With Facebook In Laravel 5.4 (2017-07-31) medium.com
Auth API Calls (2017-07-29) medium.com
Authenticating Studio Users using Single Sign (2017-07-27) support.brightcove.com
What is Modern Two (2017-07-27) duo.com
Callsign pulls in $35M Series A for its adaptive authentication platform (2017-07-27) techcrunch.com
Authenticating Android Apps Developed in Kotlin (2017-07-27) auth0.com
Memahami OAuth 2.0 (API Security) (2017-07-25) medium.com
Don't Pass on the New NIST Password Guidelines (2017-07-25) auth0.com
New Twilio APIs Can Help Developers with Authentication, Session Management, Data Synchronization (2017-07-25) thenewstack.io
Wisconsin company offers staff implants for keys and passwords (2017-07-24) www.engadget.com
Securing API Keys inside Android Apps using Android NDK (2017-07-24) medium.com
APIMatic: The first ever SDK generator to support OAuth 2.0 (2017-07-23) medium.com
AMD Relies on Auth0 For Seamless Authentication of Enterprise Portal (2017-07-21) auth0.com
Google adds security features to help block unverified apps (2017-07-18) www.engadget.com
Google will nudge SMS two (2017-07-14) www.engadget.com
Leaky Images in OAuth (2017-07-14) medium.com
Introducing Token Exchange for Box Platform (2017-07-13) medium.com
OpenID Connect Logout (2017-07-12) medium.com
Google OAuth Developer Reviews Explained (2017-07-12) medium.com
Knock JWT Auth for Rails API + Create React App (2017-07-10) medium.com
Two (2017-07-10) www.theverge.com
Iris Recognition for Two Factor Authentication with Ruby on Rails (2017-07-10) auth0.com
Sails Backend for Angular2+ Auth (2017-07-09) medium.com
Getting Token Authentication Right in a Stateless Single Page Application (2017-07-07) medium.com
Pinterest enables two (2017-06-27) www.engadget.com
SCIM — System for Cross (2017-06-27) medium.com
Pinterest begins rolling out two (2017-06-27) www.theverge.com
Cloud Identity Leader Auth0 Adds $30 Million Series C (2017-06-27) auth0.com
Swagger, the API Economy, REST, Linked Data, and a Semantic Web (2017-06-24) medium.com
How do I generate a TrackingMore API key? (2017-06-24) medium.com
10 Things I Hate About Your API — Amanda Folson (2017-06-22) medium.com
The Microservice Design Canvas (2017-06-22) www.apiacademy.co
Developing RESTful APIs with Kotlin (2017-06-22) medium.com
Securing Application Secrets with EC2 Parameter Store (2017-06-22) blog.rackspace.com
How hackers can steal your 2FA email account by getting you to sign up for another website (2017-06-22) boingboing.net
OAuth 2.0 Threat Landscapes (2017-06-22) medium.com
BBVA becomes the latest incumbent to join the digital ID race (2017-06-21) www.businessinsider.com
Introducing the Chunked Upload API (2017-06-20) medium.com
4 Mantras for Designing Scalable APIs (2017-06-20) nordicapis.com
Twitter API: Cursoring (2017-06-19) medium.com
How to set up two (2017-06-17) www.theverge.com
Identity Propagation in an API Gateway Architecture (2017-06-17) medium.com
Hasura Auth API + Postman collection (2017-06-17) medium.com
Hasura Auth API (2017-06-16) medium.com
Twitter's 2 (2017-06-16) mashable.com
Auth0 is now part of UK's official Digital Marketplace G (2017-06-16) auth0.com
RESTful Services (2017-06-16) developers.redhat.com
Best Practices for API Error Handling (2017-06-15) nordicapis.com
Authentication for Great Apps (2017-06-14) zapier.com
Revoking JWTs (2017-06-14) medium.com
API design fundamentals: usage driven design (2017-06-14) medium.com
Scenarios v3.3 Update (2017-06-12) medium.com
Grammar of the IAM Policy Language (2017-06-12) docs.aws.amazon.com
REST API for Dummies: The Store Metaphor (2017-06-12) medium.com
RESTful Services (2017-06-11) medium.com
The Definitive Guide for building REST APIs (2017-06-10) medium.com
Transclude Preference for the HTTP Prefer Header (2017-06-09) rawgit.com
Build with BitScoop: Social Login (2017-06-07) medium.com
The leaked NSA report shows 2 (2017-06-06) mashable.com
Amazon API Gateway Enables Customization of Error Responses (2017-06-06) aws.amazon.com
Three Principles of API First Design (2017-06-02) medium.com
Jetpack Services for Clef Users — Jetpack for WordPress (2017-06-02) jetpack.com
API Updates: Authentication, Add Buckets and More (2017-06-01) medium.com
OneLogin: Breach Exposed Ability to Decrypt Data (2017-06-01) krebsonsecurity.com
Force Expiring of JWTs with Refresh Tokens (2017-06-01) medium.com
Open, private and secure by default: US Census Bureau to switch API from HTTP to HTTPS (2017-05-31) sunlightfoundation.com
SMS Passwordless Authentication (2017-05-31) auth0.com
REST API Design Tips from Experience (2017-05-30) medium.com
Service (2017-05-30) www.bmc.com
Accordion APIs How (2017-05-30) medium.com
API Basics (2017-05-29) medium.com
The Firewall of the Future Is Identity (2017-05-29) auth0.com
Which wordlist endpoints would be useful for you? — API Developer Community (2017-05-27) forum.oxforddictionaries.com
Go Beyond Username/Password with Modern Authentication (2017-05-26) auth0.com
Recently posted on our blog at www.lunchbadger.com (2017-05-25) medium.com
RFC 3117 (2017-05-25) tools.ietf.org
Robustness principle (2017-05-25) www.wikiwand.com
Why you should follow the robustness principle in your APIs (2017-05-25) engineering.klarna.com
Maintaining API authentication using Axios (2017-05-25) medium.com
API Lifecycle: Design Stage (Part 2 of 4) (2017-05-24) medium.com
Pagination, Filtering, and Sorting — API Working Group 0.0.1.dev223 documentation (2017-05-23) specs.openstack.org
Sorting — Twitter Developers (2017-05-23) dev.twitter.com
REST API Sorting Paging and Filtering (2017-05-23) www.thrinacia.com
An Introduction to Ethereum and Smart Contracts: an Authentication Solution (2017-05-23) auth0.com
The Resource Groups Tagging API Makes It Easier to List Your Resources by Using a New Pagination Parameter (2017-05-22) aws.amazon.com
The Resource Groups Tagging API Makes It Easier to List Your Resources by Using a New Pagination Parameter (2017-05-22) aws.amazon.com
Introducing DreamFactory's OpenID Connect Service (2017-05-22) blog.dreamfactory.com
API Design: Think First, Code Later (2017-05-20) cheesecakelabs.com
Using Square’s REST APIs to Build a Sandbox Dashboard Part 1: Authentication & Locations. (2017-05-18) medium.com
One Standard to Rule Them All: A Common Language for the Cloud’s Identity Management Crisis (2017-05-18) thenewstack.io
The four levels of consistency in API design (2017-05-18) restlet.com
Get Realtime Authentication Events with Auth0 and Pusher (2017-05-18) auth0.com
Two (2017-05-17) auth0.com
Introducing Auth0 Extend: The new way to extend your SaaS (2017-05-16) auth0.com
Google will review web apps that want access to its users data (2017-05-13) www.pcworld.com
Google Blocks OAuth Requests Made Via Embedded Browsers (2017-05-12) auth0.com
What Is the Difference Between Site Login and HTTP Authentication? (2017-05-12) dzone.com
Updating developer identity guidelines and registration processes to protect users (2017-05-11) developers.googleblog.com
SSA Plans Stronger Website Authentication (2017-05-11) www.darkreading.com
Tweet: REST Anti-Patterns https://t.co/EC42OtetFw via @InfoQ (2017-05-10) twitter.com
Oracle API Platform Cloud Enables Customers to Drive Business Transformation and DesignFirst (2017-05-10) www.prnewswire.com
SSA.GOV To Require Stronger Authentication (2017-05-10) krebsonsecurity.com
Bluetooth Chooses Auth0 to Implement Standards Based Authentication (2017-05-10) auth0.com
Authorization and Authentication With RBAC (Part 2) (2017-05-10) dzone.com
Managing Secrets on OpenShift – Vault Integration (2017-05-09) blog.openshift.com
Things to Use Instead of JWT (2017-05-08) kev.inburke.com
Putting gRPC multilanguage support to the test (2017-05-08) cloudplatform.googleblog.com
Token Migration Plan Pt.2 (2017-05-08) blog.storj.io
8 Steps to Help Your API be Forward Compatible (2017-05-07) www.programmableweb.com
The two perspectives of API design (2017-05-06) restlet.com
Tweet RT restlet The two perspectives of API design by apihandyman httpstcodM5qOjuSkp httpstcoEsquxdyEdn (2017-05-05) twitter.com
Yelp Adds GraphQL Support to Fusion API Introduces Developer Beta Program (2017-05-05) www.programmableweb.com
Building for Builders Stripe039s 8 Tips for Designing APIs and Supporting Developers (2017-05-04) www.programmableweb.com
Down the SAML Code (2017-05-03) www.okta.com
The two perspectives of API design (2017-05-03) restlet.com
REST API Industry Debate OData vs GraphQL vs ORDS (2017-05-03) www.progress.com
Little rules for designing with data (2017-05-02) github.com
API Mediation Why You Need an API Experience Layer (2017-05-01) nordicapis.com
ResourceCentric API Calls Switching Up the Cloud Elements Hubs (2017-04-28) dzone.com
gRPCWeb Moving past RESTJSON towards typesafe Web APIs (2017-04-27) spatialos.improbable.io
User Management Request for Information (RFI) (2017-04-27) www.gluu.org
Manage your gRPC APIs with Google Cloud Endpoints (2017-04-26) cloudplatform.googleblog.com
Microsoft App Aims to Delete the Password (2017-04-26) www.darkreading.com
Summarizing requests (2017-04-26) www.apiful.io
Tweet 7 Tips for Designing a Better REST API httpstco7QQsjLd33P (2017-04-25) twitter.com
What is the difference between API Design and API Architecture APIUniversity (2017-04-25) api-university.com
Tweet: Getting Started with the @Okta API and OpenID Connect https://t.co/mw6FfPPBCf (2017-04-25) twitter.com
Deliveroo API Design Guidelines added to the API Stylebook (2017-04-25) apihandyman.io
Introducing ProtocolOriented BDD in Swift for iOS Apps Part 1 (2017-04-25) dzone.com
Russian hackers use OAuth, fake Google apps to phish users (2017-04-25) www.pcworld.com
Simple OAuth2 Authorization Server with Identity Server and .NET Core (2017-04-22) www.codeproject.com
Using field masks with update requests to Google APIs (2017-04-21) gsuite-developers.googleblog.com
Getting started with Cloud Identity-Aware Proxy (2017-04-21) cloudplatform.googleblog.com
7 Tips for Designing a Better REST API (2017-04-20) www.kennethlange.com
SOAP vs REST A Look at Two Different API Styles (2017-04-20) www.business2community.com
Is Protobuf 5x Faster Than JSON Part 2 (2017-04-20) dzone.com
Token Migration Plan Pt.1 (2017-04-19) blog.storj.io
Microservices APIs and Swagger How They Fit Together (2017-04-19) dzone.com
Microsoft is killing off passwords (MSFT) (2017-04-19) www.businessinsider.com
Building an API lessons learned the hard way part 2 (2017-04-19) medium.com
Microsoft kills the password with phone-based log-in (2017-04-18) thenextweb.com
Firebase- Authentication Using AngularJS (2017-04-18) dzone.com
Ship your Auth0 logs to Azure Log Analytics (2017-04-13) auth0.com
Simplicity Utility x Data Success (2017-04-13) blog.mparticle.com
Announcing the Postman Enterprise Beta, with Single Sign-On (SSO) (2017-04-13) blog.getpostman.com
Tweet Materia v07 is now available httpstcooPDC7PPxXt User Management Addon SendGrid ampamp mailjet Addons Permissions management (2017-04-12) twitter.com
Social Login On The Rise: How Secure Is It? (2017-04-12) auth0.com
Restlet Studio Supports RAML 10 API Specification (2017-04-12) www.programmableweb.com
JSON Web Token (JWT) Signing Algorithms Overview (2017-04-11) dzone.com
The 5 Basic API Design Paradigms (2017-04-10) blog.cloudobjects.io
Tweet: Extending #OAuth2 and @openid Connect as the enterprise standard for #API security https://t.co/q4ZQV2kba1 @GetLevvel (2017-04-07) twitter.com
API Design Standards With Andy Beier (2017-04-07) businessintelligence.com
Authentication (2017-04-06) resources.infosecinstitute.com
ALM Rest API posting design steps (2017-04-06) community.hpe.com
When to Build and When to Buy (2017-04-06) auth0.com
You should not try to normalise the vocabulary across all Bounded Contexts pcalcado (2017-04-05) philcalcado.com
7 Tips for Developing Great APIs (2017-04-05) www.designnews.com
Using field masks with Google APIs for partial response (2017-04-05) developers.googleblog.com
Brute Forcing HS256 Is Possible: The Importance of Using Strong Keys in Signing JWTs (2017-04-05) dzone.com
API Design on the Scale of Decades (2017-04-04) nordicapis.com
Updates to end user consent for 3rd-party apps and Single Sign-on providers (2017-04-03) gsuite-developers.googleblog.com
How To Get A 360 View of Your Customer By Managing Identity (2017-03-24) auth0.com
How to set up two-factor authentication for your Apple ID and iCloud account (2017-03-24) www.pcworld.com
Instagram adds two-factor authentication, censors photos that are deemed offensive or disturbing (2017-03-23) www.pcworld.com
Instagram Has Two-Factor Authentication Now, So Turn It On (2017-03-23) www.wired.com
Why OAuth 2.0 Is Vital to IoT Security (2017-03-23) nordicapis.com
API design for machine learning software experiences from the scikitlearn project (2017-03-22) arxiv.org
BigCommerce uses Postman before a single line of code is written (2017-03-21) blog.getpostman.com
RESTful SNMP Over HTTP Part III (2017-03-20) dzone.com
RESTful SNMP Over HTTP Part II (2017-03-20) dzone.com
Introducing Muon (2017-03-18) daviddawson.me
Facebook OAuth Login Register with PHP (PHP Scripts) (2017-03-17) codecanyon.net
Analyzing Identity in Movies (2017-03-17) auth0.com
A Nice API Design Gem Strategy Pattern With Lambdas (2017-03-16) blog.jooq.org
REST API can we get rid of Basic Auth? (2017-03-11) medium.com
Announcing support for IAM users with MFA in the AWS SDK for #golang! (2017-03-10) aws.amazon.com
Tweet: Amazon Cognito is now available in our EU (London) region! https://t.co/uONwGtmAyE 🇬🇧 https://t.co/gwbXiMVMXB (2017-03-10) twitter.com
Is GraphQL The End of REST Style APIs (2017-03-09) nordicapis.com
Ultimate Guide to API Design (2017-03-08) blog.qmo.io
Two Forgotten Aspects to an API Design First Approach (2017-03-08) medium.com
Protecting images and videos via cookie-based authentication (2017-03-08) cloudinary.com
Tool to generate the amadmin password hash in OpenAM (2017-03-08) forgerock.org
Two Forgotten Aspects to an API Design First Approach (2017-03-08) medium.com
4 Ways Your API Is Not Quite What I Want (2017-03-08) zapier.com
API Eventing Is The Next Big Opportunity For API Providers (2017-03-07) tyk.io
Autocomplete and tooltips for variables are now live (2017-03-07) blog.getpostman.com
Stormpath Joins Forces With Okta - Stormpath User Identity API (2017-03-06) stormpath.com
Okta scoops up Stormpath team to ramp up identity platform for developers (2017-03-06) www.zdnet.com
Google API Design Guide added to the API Stylebook (2017-03-05) apihandyman.io
Tweet On my todo list for this week end adding the googlecloud API design guidelines to the httpstco7SladfsXcYhellip httpstcodBxrxEd7iN (2017-03-04) twitter.com
Tweet: DreamFactory#039;s SAML 2.0 Service https://t.co/JQ7B1yzpvX by @dfsoftwareinc https://t.co/QsqBlQYq2O (2017-03-03) twitter.com
Tweet: DreamFactory#039;s SAML 2.0 Service https://t.co/XT69PJna4U by @dfsoftwareinc https://t.co/Bu3jyyKjKP (2017-03-03) twitter.com
Arent 301s 302s and Canonicals All Basically the Same (2017-03-03) moz.com
Authentication-as-a-Service: Auth0 vs. Backand (2017-03-02) dzone.com
GitHub Adds To Online Service Capabilities In A Bid For Business Developers (2017-03-02) www.crn.com
What Does WSO2 Identity Cloud Bring To The Table? (2017-03-02) wso2.com
Tweet: https://t.co/VDZYKUBW2I just got better for businesses with SAML SSO, automated access provisioning, and more! https://t.co/xueTvIOkII (2017-03-01) twitter.com
Designing APIs With RAML (2017-03-01) dzone.com
How to implement OpenID Connect authentication in a Django app using oxd and the Gluu Server (2017-03-01) www.gluu.org
API Keys vs OAuth Tokens vs JSON Web Tokens (2017-03-01) zapier.com
Tweet: Securing Apigee Edge with an external #SAML-based identity provider https://t.co/eLPYK3R8Z9 @pbhogill (2017-02-28) twitter.com
OpenID Connect Certification (2017-02-28) www.janrain.com
Houghton Mifflin Harcourt Chooses Auth0 to Consolidate Identity (2017-02-27) auth0.com
AWS Organizations – Policy-Based Management for Multiple AWS Accounts (2017-02-27) aws.amazon.com
SHA1 Is No Longer Recommended, But Hardly a Failure (2017-02-27) dzone.com
REST over WebSockets instead of HTTP (2017-02-25) medium.com
Bringing U2F to the Masses (2017-02-24) duo.com
Tweet: No 1Password data was put at risk through the bug reported earlier today. https://t.co/S7G62Qw85Q (2017-02-23) twitter.com
Ionic 2 With Firebase: Signing in OAuth 2 (2017-02-23) www.codeproject.com
Auth0 is OpenID Connect Certified (2017-02-23) auth0.com
Updates to DigitalOcean Two-factor Authentication (2017-02-23) www.digitalocean.com
API Design Guide Cloud APIs Google Cloud Platform (2017-02-22) cloud.google.com
API update Scroll API Segments and rate limits (2017-02-22) medium.com
Designing robust and predictable APIs with idempotency (2017-02-21) stripe.com
Email Verification in Firebase Auth (2017-02-21) firebase.googleblog.com
Writing OpenAPI Swagger Specification Tutorial Part 9 Extending the OpenAPI specification (2017-02-19) apihandyman.io
Multi-Factor Authentication and Identity Management (2017-02-18) dzone.com
How to Bootstrap an OAuth2 Authorization Server With UAA (2017-02-17) dzone.com
Article Untangling an APIfirst Transformation at Scale Lessons Learnt at PayPal Part 1 (2017-02-17) www.infoq.com
Introducing Auth0 Hooks (2017-02-17) auth0.com
You can now use Google Authenticator and any TOTP app for Two-Factor Authentication (2017-02-16) blog.cloudflare.com
Building a Serverless Application with Stormpath Authentication (2017-02-15) stormpath.com
Implementing DomainDriven Design in PHP (2017-02-15) dzone.com
ConsumerOriented API Design (2017-02-15) api-university.com
Modeldriven RESTful API for CRUD and more (2017-02-14) www.codeproject.com
Verifying Constituency: A Sovrin Use Case (2017-02-13) www.windley.com
WhatsApp Rolling Out 2-Step Verification (2017-02-11) www.pcmag.com
An Overview of ExperienceBased API Integration Patterns (2017-02-10) dzone.com
WhatsApp switches on two-factor verification for 1.2 billion users (2017-02-09) thenextweb.com
Authentication-as-a-Service: Auth0 vs. Backand (2017-02-09) blog.backand.com
Is Multifactor Authentication The Best Way To Secure Your Accounts? Myths And Reality (2017-02-08) auth0.com
The Simple Guide to HTTP Verbs PATCH PUT and POST (2017-02-08) dzone.com
Steps to Building Authentication and Authorization for RESTful APIs (2017-02-07) dzone.com
HTML APIs What They Are And How To Design A Good One (2017-02-07) newze.net
Use a Local API to Protect Global Methods in a Distributed Environment (2017-02-07) www.codeproject.com
GitHub adds new two-factor lockout recovery features (2017-02-06) sdtimes.com
Visualising complex APIs using API Map (2017-02-04) hackernoon.com
Auth flows with Firebase UI on the Web (2017-02-03) firebase.googleblog.com
NIST Seeks Input On Trusted Identities Guidance (2017-02-02) www.nextgov.com
API Design Collaboration tool (2017-02-02) devkraken.wordpress.com
DreamFactory 2.4.2 adds logging, SAML, and Azure AD (2017-01-31) blog.dreamfactory.com
Designing a True REST State Machine (2017-01-31) nordicapis.com
Feature announcement: two-factor authentication (2017-01-31) postmarkapp.com
Mozilla Replaces Persona with Auth0 for Identity and Access Management (IAM) (2017-01-30) auth0.com
Facebook’s new tool looks to replace traditional two-factor authentication (2017-01-30) thenextweb.com
The Problem with Secure User Authentication in WordPress (2017-01-19) stormpath.com
Building and Securing Koa and Angular 2 with JWT (2017-01-19) auth0.com
How to create an application in Kotlin and secure it using JSON Web Tokens (JWTs) (2017-01-18) auth0.com
How Intuit Uses OpenID 2.0 to Implement Single Sign On (2017-01-18) www.programmableweb.com
Looking for commonality among HTTP request APIs (2017-01-16) snarky.ca
Signatures with PUT vs POST (2017-01-14) forums.asp.net
End-user authentication options on Context.IO (2017-01-13) blog.context.io
Introducing Zuuljs: Conditional Access Manager for Your IoT (2017-01-12) forums.adafruit.com
Authorization vs. Authentication - Whats the Difference? (2017-01-12) licensinglive.com
Building An Instagram Clone With GraphQL and Auth0 (2017-01-12) auth0.com
Google’s Cloud Platform gets a new key management service (2017-01-11) techcrunch.com
Google Cloud Platform launches Key Management Service in beta (2017-01-11) marketingnewsweb.wordpress.com
Cloud Key Management Service (2017-01-11) cloud.google.com
Tweet: Token Authentication for Cached Private Content and APIs: https://t.co/iKVvFdA3Gx https://t.co/Ku3B7FSzsL (2017-01-10) twitter.com
Token Authentication for Cached Private Content and APIs (2017-01-10) blog.cloudflare.com
Building Your API for Longevity Part 1 SpecDriven Development (2017-01-06) www.nginx.com
3 Ways to Make Your API Responses Flexible (2017-01-05) zapier.com
zalandorestfulapiguidelines A model set of guidelines for RESTful APIs (2017-01-05) github.com
On the Origins of APIFirst Companies (2017-01-04) blog.readme.io
Tweet: RT @mogui247: A Kong plugin, that let you use an external Oauth 2.0 provider to protect your API https://t.co/rJLED5Zeh5 #opensource @mashahellip; (2017-01-03) github.com
Protobuf Alternative to REST for Microservices (2017-01-03) www.ensor.cc
DDD REST Domain Driven APIs for the Web (2017-01-02) www.infoq.com
Beautiful Node APIs (2017-01-01) webapplog.com
Creating a Simple Android REST Client Using HTTPRPC (2016-12-29) dzone.com
Modernizing Legacy PHP apps with APIs (2016-12-28) leanpub.com
How to Load Test SAML SSO Secured Websites with JMeter (2016-12-26) dzone.com
Future of APIs (2016-12-19) medium.com
The Power of OpenClosed Principle (2016-12-19) dzone.com
API Design for C epub (2016-12-18) thywifyjudit.full-design.com
Using Authy Two-Factor Authentication in Node.js and AngularJS (2016-12-16) dzone.com
Working with LoopBack Authentication and Authorization (2016-12-15) strongloop.com
JWT is not an authentication protocol (2016-12-15) www.gluu.org
How to Enable Two-Factor Authentication on Twitter (2016-12-15) www.eff.org
Foundations of RESTful Architecture (2016-12-14) dzone.com
7 Secrets to Designing Alexa Skills (2016-12-14) dzone.com
API Modeling A ZeroCode Way To a Designer API (2016-12-14) www.tibco.com
Google adds single-sign-on features in latest Android Wear 2.0 preview (2016-12-13) www.theverge.com
How To Enable Two-Factor Authentication on Outlook.com and Microsoft (2016-12-13) www.eff.org
Swagger toolbox (2016-11-12) swagger-toolbox.firebaseapp.com
Signing into One Billion Mobile App Accounts Effortlessly with OAuth2.0 (2016-11-12) www.blackhat.com
OpenAPI GUI (2016-11-12) mermade.github.io
Securing JSPs with Spring Security and Stormpath (2016-11-10) stormpath.com
OAuth 2.0 Vulnerability Leads to Account Takeover (2016-11-08) www.securityweek.com
Announcing the New Apigee Edge Experience Apigee (2016-11-07) apigee.com
Building The LinkedIn Knowledge Graph (2016-11-02) engineering.linkedin.com
Why I Dont Like UPDATE Methods In API Design (2016-11-02) www.bennadel.com
Introduction to APIFirst Design (2016-10-31) www.programmableweb.com
Introducing Seamless Source Control Integration With Bitbucket and SwaggerHub (2016-10-31) dzone.com
An Introduction to AWS IAM (2016-10-20) dzone.com
From Good to Great API (2016-10-19) api-university.com
User Authentication in Java 8 (2016-10-19) stormpath.com
Two-Factor Authentication: Who Has It and How to Set It Up (2016-10-19) www.pcmag.com
Designing better Web APIs Part I arefscom (2016-10-19) arefs.com
API Usability Matters UX and CX is like DX and (2016-10-18) dret.typepad.com
Storing JSON objects in LDAP attributes? (2016-10-18) forgerock.org
Demystifying OAuth2 in DFP (2016-10-18) googleadsdeveloper.blogspot.com
Build together with App Collaborators (2016-10-18) medium.com
The API problem (2016-10-15) medium.com
API Best Practices API Design (2016-10-14) medium.com
Struggling with code to optimize how you chain APIs for advanced data analytics (2016-10-13) community.havenondemand.com
API Best Practices API Design (2016-10-12) medium.com
Protect Bearer Tokens Using Proof of Possession (2016-10-12) forgerock.org
Web App Next Stop In Our Software Journey REST Services Part III (2016-10-12) dzone.com
Planet-scale authentication with Auth0 and Azure DocumentDB (2016-10-11) auth0.com
Query Strings and URL Fragments in Login with Amazon Responses (2016-10-11) developer.amazon.com
swaggergistio Saving and Versioning Swagger definitions (2016-10-10) jordwalsh.com
JSON Web Tokens are made for Microservices (2016-10-10) alexander.holbreich.org
Easier OAuth setup with new OAuth libraries (2016-10-10) medium.com
Tweet: We#039;ve added support for Intercom to four OAuth libraries to make it easier to get setup ndash; https://t.co/wKwCtaPcCF (2016-10-10) medium.com
Tweet Learn The importance of loose coupling in REST API design httpstcor7kuJ1KzIc httpstcowHUqOfBYPu (2016-10-06) twitter.com
Designing and documenting your API (2016-10-06) medium.com
Day 31 (2016-10-06) medium.com
Functional Augmented State Transfer FAST Architecture for Computationally Intensive Network Applications (2016-10-06) arxiv.org
Limiting OpenID Connect Community Client Support (2016-10-06) www.gluu.org
Quantum Tokens for Digital Signatures (2016-10-06) www.schneier.com
A Web API ecosystem through featurebased reuse (2016-10-04) arxiv.org
Why to Prioritize Your API Strategy Before Your API Design (2016-10-04) www.programmableweb.com
Software backward compatibility undocumented APIs and importance of history etc (2016-10-03) www.codeproject.com
Enterprise Grade Authentication and Access Control on IoT (Part 2) (2016-10-03) www.codeproject.com
Metaphors of Big Data (2016-10-01) dismagazine.com
HTTP Status Trek REST Fest 2016 (2016-10-01) apihandyman.io
Announcing: Multi-Factor Authentication in Stormpath! - Stormpath User Identity API (2016-09-30) stormpath.com
Lock Up Your Raspberry Pi with Google Authenticator (2016-09-30) hackaday.com
How to fix CORS problems Restlet We Know About APIs (2016-09-29) restlet.com
Using API Gateways and JWTs for Identity Management in Microservice Based APIs (2016-09-29) medium.com
Increased account security via OAuth 2.0 token revocation (2016-09-29) gsuite-developers.googleblog.com
Enhanced third-party access protection for Google Sheets (2016-09-29) gsuite-developers.googleblog.com
Announcing the Sovrin Foundation (2016-09-29) www.windley.com
Angular 2 Authentication Tutorial (2016-09-29) auth0.com
Saying goodbye to OAuth 1.0 (2LO) (2016-09-29) gsuite-developers.googleblog.com
Setting Expectations for Accessing User Data via OAuth (2016-09-29) gsuite-developers.googleblog.com
Announcing the OpenSource beaR Library (2016-09-28) www.esa.doc.gov
Announcing Auth0s Identity Glossary (2016-09-28) auth0.com
What is API Design (2016-09-28) api-university.com
Mobile Fraud Changes Outlook for Multifactor Authentication (2016-09-27) www.darkreading.com
BeyondTrust Announces Password Management API (2016-09-27) www.programmableweb.com
Identity Management in Spring Boot with Twilio and Stormpath in 15 Minutes (2016-09-27) stormpath.com
Google embraces the log-in, leaving cookies behind in new advertising updates (2016-09-26) techcrunch.com
Sunlight at the 21st Century Neighborhoods Symposium How humanizing data will improve our communities (2016-09-26) sunlightfoundation.com
Apimint Rapidly Prototype APIs (2016-09-25) www.apimint.com
Apache Shiro Stormpath Integration 0.7.1 Released (2016-09-22) stormpath.com
Evolution to RESTful with NoSQL Documents (2016-09-21) medium.com
Moving from LDAP to SAML authentication (2016-09-21) blogs.splunk.com
Increased account security via OAuth 2.0 token revocation (2016-09-21) googleappsdeveloper.blogspot.com
There is No REST API (2016-09-20) blog.howarddierking.com
Understanding REST And RPC For HTTP APIs (2016-09-20) www.smashingmagazine.com
RPC vs REST is not in the URL (2016-09-20) www.bizcoder.com
RESTful Web Service With Example (2016-09-19) dzone.com
Two-step authentication has arrived on iOS (2016-09-19) www.xero.com
Setting Expectations for Accessing User Data via OAuth (2016-09-17) googleappsdeveloper.blogspot.com
Here comes GraphQL The Real Adam (2016-09-16) therealadam.com
Tweet: A personal hackathon with the goal of demystifying #OAuth2 in a fun way! The result : OZorkAuth https://t.co/jPezy5tGsj (2016-09-15) twitter.com
Learn API DevOps from the Experts Design Testing Deployment (2016-09-15) restlet.com
How to Take Your API From RPC to Hypermedia in 7 Steps (2016-09-15) www.programmableweb.com
The GitHub GraphQL API GitHub Engineering (2016-09-14) githubengineering.com
Intuit OAuth Server Maintenance on September 21st, 2016 ? Some Action Required (2016-09-14) developer.intuit.com
Maintaining API Working As A Software Engineer (2016-09-11) cvesters.wordpress.com
Introducing API Templates With Reusable System and Process APIs (2016-09-09) blogs.mulesoft.com
Analyzing Passwordless Connections Data: What can we learn? (2016-09-09) auth0.com
Tweet: Intro to @QuickBooks Online REST #API with #OAuth1.0 by @manasmukh https://t.co/K8vxfYB6q5 #developer (2016-09-08) twitter.com
Restful API Design An Opinionated Guide (2016-09-08) dzone.com
Use NGINX Plus and Auth0 to Authenticate API Clients (2016-09-08) auth0.com
RESTful Web API Design with Nodejs (2016-09-08) adobeland.wordpress.com
The Secret Sauce Behind Building an Elastic API (2016-09-07) www.streamingmedia.com
Understanding The New Swift 3 API Design Guidelines (2016-09-07) blog.teamtreehouse.com
API Design Book Available Today (2016-09-07) api-university.com
(2016-09-07) www.nginx.com
How to sort API expand fields (2016-09-06) www.yiiframework.com
Spring Security OAuth2 ? Client Authentication Issue (2016-09-05) dzone.com
JSON Version of Web Concepts (2016-09-03) webconcepts.info
Specref (2016-09-03) www.specref.org
OAuth: Get Client Credentials Using Postman (2016-09-02) docs.brightcove.com
Stateless Sessions for Stateful Minds: JWTs Explained and How You Can Make The Switch (2016-08-31) auth0.com
About license keys (2016-08-31) seap.samsung.com
Oktas API access product targets the trend toward services (2016-08-30) www.pcworld.com
Why Consistency Matters Across the Media Types Offered by an API (2016-08-30) www.programmableweb.com
Google partners with Okta to enable secure multi-cloud deployments (2016-08-30) www.zdnet.com
Better API Design With Java 8 Optional (2016-08-30) dzone.com
Internal API Design for Distributed Teams (2016-08-29) www.lullabot.com
Login with Facebook ( In 20 lines of PHP code ) (2016-08-28) motyar.blogspot.com
RESTful APIs and MediaTypes (2016-08-26) akrabat.com
Announcing Auth0 Guardian, Multifactor Made Easy (2016-08-25) auth0.com
Here?s Exactly Why SMS Two-Factor Is Not Enough (2016-08-25) continuum.cisco.com
PlayStation Network Gets Two-Factor Authentication (2016-08-25) www.pcmag.com
Authentication startup Auth0 raises $15M as it beefs up security features (2016-08-24) techcrunch.com
Announcing Password Breach Detection for Auth0 (2016-08-24) auth0.com
User Interface An Essential part of a Effective API design (2016-08-23) www.cioreview.com
2-Step Verification is here! (2016-08-22) www.freeagent.com
Be Explicit with Your APIs Data (2016-08-20) spin.atomicobject.com
Article Creating RESTful Services with T4 Based on Model and Interfaces (2016-08-19) www.infoq.com
Five Steps Before Developing a Smart Home Skill (2016-08-18) developer.amazon.com
Complete AWS IAM Reference (2016-08-18) dzone.com
Using HBase to Create an Enterprise Key Service (2016-08-18) blog.zaloni.com
Rackspace Cloud Identity Api 2.0 (2016-08-17) developer.rackspace.com
OptoNews Tip Whats a RESTful API and why does it matter (2016-08-17) blog.opto22.com
API Design Building and Enforcing an Internal Style Guide (2016-08-16) nordicapis.com
O Slack API How Do I Love Thee (2016-08-16) medium.com
New! Import Your Own Keys into AWS Key Management Service (2016-08-11) blogs.aws.amazon.com
New ? Bring Your Own Keys with AWS Key Management Service (2016-08-11) aws.amazon.com
Use of API Design and Management Policies (2016-08-11) dzone.com
Enhanced third-party access protection for Google Sheets (2016-08-11) googleappsdeveloper.blogspot.com
API Gateway Custom Authorization With Lambda, DynamoDB, and CloudFormation (2016-08-09) dzone.com
New feature: Assign rights by service (2016-08-09) www.3scale.net
Cookie Authentication and Session Management (2016-08-09) dzone.com
Shaming People for Not Being or Understanding REST Is Why We Have So Much Inconsistency in API Design (2016-08-09) dzone.com
OAuth 2.0 Token Management With Stormpath and Spring Boot (2016-08-07) dzone.com
Google is trying to stop you having to put in passwords (2016-08-06) verdictforu.com
Dashlane and Google Intro Open YOLO API for Secure Android Logins (2016-08-05) www.programmableweb.com
Dashlane and Google team up for OpenYOLO security project (2016-08-04) www.pcworld.com
Google partners with Dashlane for an open-source login API (2016-08-04) techaeris.com
Dashlane, Google launch ?OpenYOLO?, an API-based password project for Android apps (2016-08-04) techcrunch.com
JSON Web Tokens(JWTs) vs Sessions in Practice (2016-08-04) auth0.com
Dashlane Teases Open API for App Logins (2016-08-04) in.pcmag.com
NIST is No Longer Recommending Two-Factor Authentication Using SMS (2016-08-03) www.schneier.com
Getting Your REST is Important (2016-08-03) www.tibco.com
Restlet Studio 13 is out (2016-08-03) restlet.com
Analyzing Enterprise Connections Data: What can we learn? (2016-08-02) auth0.com
My Mommy Identity (2016-08-02) www.janrain.com
Tweet: Social Security Administration now requires 2-factor SMS auth. Still easy to sign up as someone else though https://t.co/Q4SrgrtAUz (2016-08-01) twitter.com
One password reset to rule them all! (2016-07-26) scotthelme.co.uk
Is your app ready for token revoke? (2016-07-25) developer.spotify.com
Microsoft Publishes REST API Guidelines 23 (2016-07-21) www.programmableweb.com
Microsoft REST API Guidelines Are Not RESTful (2016-07-21) www.infoq.com
New AWS Compute Blog Post: Help Secure Container-Enabled Applications with IAM Roles for ECS Tasks (2016-07-20) blogs.aws.amazon.com
GitHub Microsoftapiguidelines Microsoft REST API Guidelines (2016-07-19) github.com
Announcing the Auth0 Partners Program (2016-07-18) auth0.com
Enable Client-Side SSL Authentication of an API with the API Gateway Console (2016-07-16) docs.aws.amazon.com
API Errors Are First Class Citizens (2016-07-15) dzone.com
Presentation REST Considered Harmful (2016-07-12) www.infoq.com
Presentation: Two-factor Authentication (2016-07-12) www.infoq.com
Two Factor Auth (2FA) ? List of websites and whether or not they support 2FA (2016-07-12) twofactorauth.org
Scaling Your API Design Workflow (2016-07-10) blog.apiary.io
Screencast: Test OAuth2 Secured API with DHC (2016-07-06) restlet.com
? Switching to Apple?s two-factor authentication (2016-07-06) sixcolors.com
2-Factor Authentication Creates Trust, Security, and Competitive Advantage (2016-07-01) www.infobip.com
HTTPRPC 30 Released Announcement (2016-07-01) dzone.com
Three APIs Making the Case Against Building It Yourself (2016-06-29) everydeveloper.com
Using the New Auth Component for Angular 2 With DreamFactory (2016-06-24) dzone.com
Introducing Firebase Authentication (2016-06-23) developers.googleblog.com
Avoiding Password Reuse Attacks With Auth0 (2016-06-23) dzone.com
Support for Universal 2nd Factor Authentication (2016-06-22) about.gitlab.com
Creating your first Laravel app and adding authentication (2016-06-22) auth0.com
Using the new auth component for Angular 2 (2016-06-21) blog.dreamfactory.com
Why Your API039s EndUsage Context Matters To Great Developer Experiences (2016-06-21) www.programmableweb.com
Why Your API039s EndUsage Context Matters To Great API Design (2016-06-21) www.programmableweb.com
JSON Web Tokens With Spring Cloud Microservices (2016-06-20) www.codeproject.com
Adding Authentication to Your React Native App Using Json Web Tokens (2016-06-19) dzone.com
API Design in Nodejs with Express (2016-06-15) shop.oreilly.com
How API First Design Could Have Avoided These Failures (2016-06-14) www.programmableweb.com
Everything you need to know about 3-legged authentication and Context.IO (2016-06-10) blog.context.io
Firebase Authentication With the Firebase 3.0 SDK and Auth0 Integration (2016-06-10) dzone.com
JSONLD Building Meaningful Data APIs (2016-06-09) dzone.com
Slicker user authentication with Twitter Kit 2.2 (2016-06-08) blog.twitter.com
Sharing Authentication Between Socket.io and a PHP Frontend (Using JSON Web Tokens) (2016-06-07) dzone.com
Visualize and Search Your Auth0 Logs Using Sumo Logic (2016-06-07) dzone.com
Adding Authentication to a Native Desktop C# App with JWTs (2016-06-06) dzone.com
The Basics of REST and RESTful API Development (2016-06-06) www.hongkiat.com
(2016-06-05) dzone.com
A Consumer of a Properly Designed RESTful API Is Writing to an Interface Not an Implementation (2016-05-20) dzone.com
RAMLing Again With API Workbench From Setup to Design (2016-05-19) dzone.com
Why Federated Identity Management Matters (2016-05-17) auth0.com
Integrate Tyk with Auth0 (2016-05-17) tyk.io
Building a great API Lessons learned from working with dozens of REST APIs (2016-05-17) blog.bugsnag.com
User-based Authentication with Loopback (2016-05-17) strongloop.com
OAuth2 Scope Sunset for DFP API (2016-05-12) googleadsdeveloper.blogspot.com
Using the Auth0 Postman Collections (2016-05-12) auth0.com
Investing, Authentication, and a Few Bots Take the Stage at Finovate (2016-05-11) bankinnovation.net
Token Authentication: The Secret to Scalable User Management (2016-05-11) stormpath.com
Sign in with Slack ? Let users login to your site with Slack (2016-05-10) api.slack.com
How to use API Connect to Manage LoopBack APIs (2016-05-10) dzone.com
Slack intros Sign in with Slack to streamline app logins (2016-05-10) www.zdnet.com
Introducing Improved User Search Functionality in the IAM Console (2016-05-10) blogs.aws.amazon.com
Introducing Sign in with Slack (2016-05-10) medium.com
?Sign-In with Slack? challenges Facebook, Twitter and Google for log-ins (2016-05-10) thenextweb.com
Heroku Connect APIs Now GA (2016-05-10) blog.heroku.com
How To Use Auth0 To Manage Your Multi-Tenancy Application (2016-05-08) auth0.com
Introducing TAuth: Why OAuth 2.0 is bad for banking APIs and how were fixing it (2016-05-05) blog.teller.io
Connecting Slack and Salesforce (2016-05-05) medium.com
Thinking About An API Proxy To Add Link Header To Each API Response (2016-05-03) apievangelist.com
3scale Adds Stormpath Integration to Its Industry Leading API Platform (2016-05-03) www.3scale.net
New Stormpath Integration Simplifies Adoption Of OAuth Authentication Flow (2016-05-03) www.3scale.net
HTTP Header Awareness Using The Link Header For Pagination (2016-05-02) apievangelist.com
Never Put Secrets in URLs and Query Parameters (2016-04-29) www.fullcontact.com
HapiJS Authentication ? Secure Your API With JWT (2016-04-29) dzone.com
Slack tokens: what they are, how they?re used, and how to keep your data safe (2016-04-29) medium.com
OpenID Connect Support in Tyk Cloud is Here! (2016-04-28) tyk.io
Developer-Friendly SAML Single Sign On Support (2016-04-28) stormpath.com
Lumen And Stormpath As Your Mobile Backend (2016-04-27) stormpath.com
Integrating Tyk Open Source API Gateway with a Custom Identity Provider using JSON Web Tokens (2016-04-27) tyk.io
Getting Started with the Heroku Connect API (2016-04-25) developer.salesforce.com
Spring OAuth2 With JWT Sample (2016-04-25) dzone.com
REST API Design at Devoxx France (2016-04-25) restlet.com
The Relationship Between BDD and API Design (2016-04-23) dzone.com
Saying goodbye to OAuth 1.0 (2016-04-22) developers.googleblog.com
API Names and Begging the Negatives (2016-04-22) dzone.com
Build a REST API with XML Payload (2016-04-22) dzone.com
Build Better Mobile Apps Data and API Best Practices (2016-04-21) www.builtinchicago.org
Worlds First API Design Hackathon (2016-04-21) blog.apiary.io
Everything You Wanted to Know About OAuth 2 (But Were too Afraid to Ask) (2016-04-20) auth0.com
New ? Your User Pools for Amazon Cognito (2016-04-19) aws.amazon.com
Intermediate Delivery Reports - Make the most of 2-Factor Authentication (2016-04-19) www.infobip.com
How to Improve API Errors With Defensive Design (2016-04-16) www.programmableweb.com
Authentication in Golang with JWTs (2016-04-13) auth0.com
Consumeroriented API Design (2016-04-12) api-university.com
Facebook launches Account Kit, a tool that lets you sign in to apps without passwords (2016-04-12) venturebeat.com
Integrate Auth0 Into Your Existing SaaS Tools (2016-04-07) auth0.com
Announcing Clearbit Connect (2016-04-07) blog.clearbit.com
What is a welldesigned API (2016-04-06) api-university.com
Token Based Authentication using Postman as Client and Web API 2 as Server (2016-04-05) www.codeproject.com
RFC 7807 Problem Details for HTTP APIs (2016-04-04) tools.ietf.org
Identity and access management: Where security and operations meet (2016-04-04) blogs.ca.com
Screencast Design a web API from scratch with Restlet Studio (2016-04-01) restlet.com
What Skills Do Your APIs Offer (2016-03-31) launchany.com
Quality API Design and Implementation through RepreZen and SmartBear (2016-03-30) www.reprezen.com
A Tale of Two Chatbots Internet Ethics Views From Silicon Valley (2016-03-29) www.scu.edu
JSON Web Token in Action With JAX-RS (2016-03-29) dzone.com
How to Detect and Automatically Revoke Unintended IAM Access with Amazon CloudWatch Events (2016-03-29) blogs.aws.amazon.com
IAM best practice guides available now (2016-03-29) cloudplatform.googleblog.com
Social logins: What?s really at risk? (2016-03-29) blogs.ca.com
Announcing General Availability of Box KeySafe with AWS KMS (2016-03-29) www.box.com
Social Login: Facebook Google in One API Call - Stormpath User Identity API (2016-03-28) stormpath.com
Four Key API Management Use Cases for the Enterprise (2016-03-28) www.slideshare.net
How to Easily Identify Your Federated Users by Using AWS CloudTrail (2016-03-28) blogs.aws.amazon.com
Google Cloud Platform now offers identity and access management roles for users (2016-03-23) venturebeat.com
One time Authentication for Public Resource (2016-03-22) blogs.msdn.microsoft.com
Tutorial: Build an Android Application with Secure User Authentication (2016-03-22) stormpath.com
Great APIs Have One Thing in Common (2016-03-22) everydeveloper.com
Test your OAuth2 secured API using DHC (2016-03-21) restlet.com
Well wishes and warnings in the Web API (2016-03-21) medium.com
Discover the attention surrounding URNs support for a new identifier (2016-03-18) www.altmetric.com
One API many facades (2016-03-16) restlet.com
Do My APIs Have The Skills They Need To Compete In A Voice And Bot Enabled World (2016-03-15) apievangelist.com
Designing APIs With Customers in Mind (2016-03-14) www.builtinaustin.com
Article One API Many Facades (2016-03-13) www.infoq.com
Easy Guide on how to use OAuth to Access Google APIs (2016-03-11) www.codeproject.com
Introducing Auth0 for Postman Collections (2016-03-09) auth0.com
Designing a Web API with Restlet Studio Visual API editor (2016-03-09) restlet.com
3 Approaches to Monadic API Design in Haskell (2016-03-08) blog.pusher.com
HapiJS Authentication - Secure Your API With JWT (2016-03-07) auth0.com
API Design Challenges Competing Demands (2016-03-05) www.biske.com
Introducing developer API tokens (2016-03-04) hypothes.is
Designing Web APIs with Restlet Studio (2016-03-04) restlet.com
Never type the same API token twice (2016-03-01) blog.papertrailapp.com
(2016-03-01) www.codeproject.com
StopLight Launches Visual API Design Tools (2016-03-01) www.infoq.com
Extra Security with Two-factor Authentication! (2016-02-29) nulab-inc.com
Interview John Sheehan on Web API Quality (2016-02-27) www.infoq.com
A Stateless OAuth 20 Proxy for Single Page Applications (SPAs) (2016-02-27) dzone.com
MasterCard unveils selfie security checks, says heartbeat authentication could follow (2016-02-23) www.theverge.com
Presentation 5 AntiPatterns in Designing APIs (2016-02-23) www.infoq.com
Resolving the FrontendBackend API Design Conflict (2016-02-17) launchany.com
Dear API Designer Are You Sure You Want to Return a Primitive (2016-02-17) dzone.com
New AWS Partner Network Blog Post: Securely Accessing Customers AWS Accounts with Cross-Account IAM Roles (2016-02-17) blogs.aws.amazon.com
Why Github039s Scientist 10 Could Be Great for API Versioning (2016-02-17) www.programmableweb.com
Resolving the FrontendBackend API Design Conflict (2016-02-17) launchany.com
The ultimate guide to device authentication (2016-02-17) thenextweb.com
Instagram Finally Adds Two-Factor Authentication To Fight Hackers (2016-02-16) techcrunch.com
Using a Prototype as an API Product Specification (2016-02-16) sendgrid.com
Introducing API Templates (2016-02-16) www.socketlabs.com
Sharing and saving your Web API design project in the cloud (2016-02-15) restlet.com
How to Implement Basic Search with Google Maps API (2016-02-12) www.programmableweb.com
SAML SSO with GoodData (2016-02-12) developer.gooddata.com
Securing Identities: Two-Factor Authentication in the Hacking Age (2016-02-09) janrain.com
Fitbit OAuth Update (2016-02-05) blog.temboo.com
REST essentials for the QuickBooks API (2016-02-04) developer.intuit.com
Lessons From Training 1400 People in Web API Design (2016-02-02) launchany.com
SAML Single Sign-on With Tomcat and PicketLink (2016-02-02) dzone.com
an online tutorial with friends (2016-02-02) www.amundsen.com
Getting Started with SAML in PHP Applications - Stormpath User Identity API (2016-02-01) stormpath.com
How CloudRail Handles the Seven Deadly Annoyances of API Design (2016-01-29) cloudrail.com
Using Google Sign-in With Your Server (2016-01-26) dzone.com
SSO for Heroku Now Generally Available (2016-01-26) blog.heroku.com
Reverse Engineering APIs From The Common APIs Models We Know (2016-01-25) apievangelist.com
OAuth with JSON Web Tokens In .NET - Stormpath User Identity API (2016-01-25) stormpath.com
How to Encrypt OAuth Tokens in 10 minutes With SecureDB (2016-01-25) www.programmableweb.com
Google Play Games API Adjustments Ease Sign-in and Permission Requirements (2016-01-25) www.programmableweb.com
Keycloak and dagger: Securing your APIs with OAuth2 (2016-01-22) www.apiman.io
Cover yourself up! Protecting your APIs with mutual auth (2016-01-22) www.apiman.io
Paging in ASPNET Web API (2016-01-21) www.codeproject.com
OAuth authentication on tvOS (2016-01-20) www.codeproject.com
Introducing the OAuth Technology Preview in NGINX Plus R8 (2016-01-19) www.nginx.com
How to Record and Govern Your IAM Resource Configurations Using AWS Config (2016-01-19) blogs.aws.amazon.com
Apiaryio Now Features Swagger Support (2016-01-19) www.programmableweb.com
RESTful ServiceDesign How to overcome the CRUDnature of the RESTstyle (2016-01-13) itblogs.stephanbauer.me
The IAM Console Now Helps Prevent You From Accidentally Deleting In-Use Resources (2016-01-13) blogs.aws.amazon.com
API Design Inspiration on GitHub (2016-01-12) blog.apiary.io
How to Enable Web Apps for 2FA With the Nexmo Verify API (2016-01-12) www.programmableweb.com
Google Apps + Clever Instant Login (2016-01-12) blog.clever.com
Building Simple Command Line Interfaces in Python (2016-01-11) stormpath.com
Public GETs In Concert With Private POST PUT And DELETE For Your APIs (2016-01-08) apievangelist.com
IETF Moves to Simplify Sharing of OAuth Tokens ? Univers Smartphone (2016-01-08) www.universmartphone.com
Passing Json data to a RESTful WCF 4 service using JsonNet (2016-01-07) www.codeproject.com
How to use JSON Web Token (2016-01-06) jexia.com
Web API A Solid Approach (2016-01-05) www.codeproject.com
inadarei Howto HTTP Caching for RESTful and Hypermedia APIs (2015-12-18) www.freshblurbs.com
Enhancing Your Apiary Workflow MSON Dredd Style Guides and More on Vimeo (2015-12-17) vimeo.com
REST Fest 2015 Glenn Block FiveInFive in REST Fest 2015 on Vimeo (2015-12-17) vimeo.com
The Basics of SAML (2015-12-17) www.gigya.com
SSO for Heroku now in Public Beta (2015-12-16) blog.heroku.com
Presentation Designfirst APIs in Practice (2015-12-16) www.infoq.com
A Fun Way To Explore HTTP Status Codes With A Subway Map From Restlet (2015-12-13) dzone.com
Identity and access management for everyone (2015-12-11) blogs.ca.com
Talking to OAuth2 Services with Node.js - Stormpath User Identity API (2015-12-10) stormpath.com
Understanding HTTP content negotiation (2015-12-10) restlet.com
Apply an OAuth policy on a REST API (2015-12-09) blogs.mulesoft.com
Designing Evolvable APIs for the Web Formats (2015-12-08) nordicapis.com
Daniel Jacobson on Ephemeral APIs and Continuous Innovation at Netflix (2015-11-28) www.infoq.com
(2015-11-27) alpha.apievangelist.com
Designing Evolvable APIs for the Web Identification (2015-11-25) nordicapis.com
API Design Using Behavior Driven Development (2015-11-24) blog.smartbear.com
Adding Authentication to Shiny Open Source Edition (2015-09-24) auth0.com
Architectural Styles for APIs SOAP REST and RPC (2015-09-13) api-university.com
There Is A Big Opportunity Right Now When It Comes To API Design Tooling (2015-09-13) apievangelist.com
REST in AEM by Roy Fielding (2015-09-11) www.slideshare.net
A Quick Example Of An API Provider Putting Content Type Negotiation To Work (2015-08-31) apievangelist.com
We Need an Open Abstraction Layer to Help Us Better Define and Design Our APIs (2015-08-28) apievangelist.com
The API Design Guide Is Just The Beginning Of The Journey Better Get Started (2015-08-28) apievangelist.com
Crafting and Publishing API Design Guide Shows That You Are Further Along In Your API Journey (2015-08-28) apievangelist.com
Take control of all your IoT devices with Netvibes + SAMI (2015-08-27) blog.netvibes.com
DTO engages with developers for API design mandate (2015-08-25) www.technologydecisions.com.au
Resources Not Data (2015-08-21) www.windley.com
API development startup Apiary raises 68M and launches a testing service VentureBeat Deals by Jordan Novet (2015-08-18) venturebeat.com
A Common Open Source API Design Editor Is Needed For API Service Providers (2015-08-14) apievangelist.com
Microsoft Previews a More Unified Sign-In Approach for Applications (2015-08-13) redmondmag.com
Using OAuth 2.0 and the Google API Client Library for Javascript with Trigger.io Forge (2015-08-13) trigger.io
Twitter Improves Digits Login Tool For Devs (2015-08-11) www.programmableweb.com
HTTP Status Codes httpstatuses (2015-08-10) httpstatus.es
Ingest Profiles API Authentication (2015-07-10) docs.brightcove.com
How To Design Great APIs With APIFirst Design and RAML (2015-07-10) www.programmableweb.com
My API Design Research Distilled Down As Single PDF Guide (2015-07-08) apievangelist.com
Now in Production DELETE page (2015-07-08) blogs.msdn.com
My API Design Research Distilled Down As Single PDF Guide (2015-07-07) apievangelist.com
The API Design Tooling I Have Included In My Research (2015-06-30) apievangelist.com
Tightening Up The Organizations That Are Included In My API Design Research (2015-06-30) apievangelist.com
Why Its OK To Design Imperfect APIs (2015-06-30) www.programmableweb.com
API Design Considerations for The Internet of Things (2015-06-30) www.programmableweb.com
The API Design Tooling I Have Included In My Research (2015-06-29) apievangelist.com
Announcing the formation of the OTTO WG (2015-06-25) www.gluu.org
Breaking Down Publication References With The Global Change Information System API (2015-06-23) apievangelist.com
Announcing OAuth 2.0, Deprecating OAuth 1.0 (2015-06-22) blog.rdio.com
OAuth Quick Start (2015-06-19) docs.brightcove.com
Lessons learnt from shipping APIs for Microsofts cloud platform (2015-06-19) sriramk.com
Two ways to create your APISpark account (2015-06-16) restlet.com
Forms Authentication using Web API (2015-06-16) www.codeproject.com
Decoupling the Mind of the API Designer (2015-06-12) blog.apiary.io
A Tale of Four API Designs Dissecting Common API Architectures (2015-06-11) nordicapis.com
Splitting My Blog API Into Two Separate APIs For News And Analysis (2015-06-10) apievangelist.com
Using API Definitions To Help API Providers With Their API Design Roadmap (2015-06-10) apievangelist.com
The relation between OpenID Connect and OAuth 2 (2015-06-10) api-university.com
New JSON API Specification Aims to Speed API Development (2015-06-10) www.programmableweb.com
Ping unveils new IAM platform enabling multifactor authentication using Apple Watch (2015-06-09) www.fiercemobileit.com
Decoupling the Mind of the API Designer (2015-06-09) blog.apiary.io
Visions Of My Perfect API Design Editor Using Electron (2015-06-04) apievangelist.com
Top 5 Development Tips for a Killer API (2015-06-04) nordicapis.com
Why Not To Overlook API Planning And What To Do About It (2015-06-04) www.programmableweb.com
Integrations are Hard Part II API Resources Search and Pagination (2015-06-03) cloud-elements.com
Single Sign-On: The Enterprise Solution for Too Many Passwords (2015-06-02) www.smartsheet.com
Article The Power of RAML (2015-06-02) www.infoq.com
How to build APIs efficiently (2015-05-30) api-university.com
How to Implement Federated API and CLI Access Using SAML 2.0 and AD FS (2015-05-28) blogs.aws.amazon.com
Article From Doodles to Delivery An API Design Process (2015-05-26) www.infoq.com
RESTful API Design Part III Error Handling (2015-05-26) blog.cloud-elements.com
Single Sign-On For Government Applications Coming in Weeks (2015-05-23) www.nextgov.com
5 Things to Consider When Using RESTful APIs and OAuth 2.0 (2015-05-22) www.programmableweb.com
Amazon Releases SDKs for Login and Pay with Amazon (2015-05-22) www.programmableweb.com
Apigee API Studio Designing Testing and Sharing APIs (2015-05-21) www.infoq.com
7 Important API Design Lessons (2015-05-21) nordicapis.com
Apigee adds some Swagger to API design (2015-05-21) www.pcadvisor.co.uk
New SDKs, Code Samples, Docs for Login and Pay with Amazon (2015-05-20) aws.amazon.com
Restlet and SmartBear Partner to Deliver Restlet Studio Plugin for Ready API (2015-05-20) restlet.com
Introducing Digits Kit (2015-05-20) blog.twitter.com
Meet MyUSA: Your one account for government (2015-05-17) 18f.gsa.gov
Versioning APIs (2015-05-15) blog.clearbit.com
A Guide to REST and API Design (2015-05-11) transform.ca.com
Do you really know why you prefer REST over RPC (2015-05-10) apihandyman.io
Nearly all web APIs get paging wrong (2015-05-08) vermorel.com
Guest Post Why The API Pattern Is Broken And How We Can Fix It (2015-05-05) apievangelist.com
The Role of the API Designer (2015-05-03) blog.apiary.io
Announcing the Auth0 Open Source Single-Sign-On Dashboard (2015-04-28) auth0.com
Understand about DELETE Verb in Web API RESTful Services using Data from Both Request Body As Well As URI (2015-04-28) www.codeproject.com
API Keys - SendGrid Documentation (2015-04-27) sendgrid.com
Auth0 Europe Launches (2015-04-27) auth0.com
New ? Glacier Vault Access Policies (2015-04-27) aws.amazon.com
Api Design AntiPatterns (2015-04-25) www.slideshare.net
How to Authenticate Using the Konekt REST API (2015-04-24) konekt.io
The data the hypermedia and the documentation (2015-04-23) apihandyman.io
HTTP Verbs Demystified PATCH PUT and POST (2015-04-21) cloud-elements.com
Passwordless SMS Authentication Using Xamarin (2015-04-21) www.twilio.com
A final farewell to ClientLogin, OAuth 1.0 (3LO), AuthSub, and OpenID 2.0 (2015-04-21) googledevelopers.blogspot.com
Introduction to Apiary Overview of Apiary and How to Create APIs (2015-04-20) www.developer.com
REST API design tips (2015-04-19) kwtrnka.wordpress.com
Active Directory API - Gives You an Easier Way to Access Data Stored In... (2015-04-19) www.sooperarticles.com
Authenticating Users Through OAuth2 in Azure (2015-04-17) www.codeproject.com
Integrating Multiple Orgs using the OAuth 2.0 SAML Bearer Assertion Flow (2015-04-15) developer.salesforce.com
API Part of the Creative Palette (2015-04-14) nordicapis.com
Bizcoder Solving Dropboxs URL Problems (2015-04-10) www.bizcoder.com
Solving Dropboxs URL Problems (2015-04-10) www.bizcoder.com
418 Im a teapot and other bad API responses (2015-04-09) cloud-elements.com
Building Reusable REST API Services Part 3 of 4 (2015-04-08) blog.dreamfactory.com
In a REST world theres room for nonREST APIs (2015-04-07) www.programmableweb.com
JSON API Spec Goes Through The Hacker News Gauntlet (2015-04-06) www.programmableweb.com
How to Decide How Many HTTP Status Codes Your API Needs (2015-04-02) www.programmableweb.com
Salesforce buys mobile authentication startup Toopher (2015-04-01) venturebeat.com
InfoQ eMag Web APIs From Start to Finish (2015-03-31) www.infoq.com
Bizcoder API Design Notes Smart Paging (2015-03-31) www.bizcoder.com
eCommerce API Design The Good The Bad and The Etsy API (2015-03-30) cloud-elements.com
The ways of the API smartness (2015-03-28) apihandyman.io
Authentication Using JSON Web Token (2015-03-26) www.codeproject.com
Randall Degges - Why I Love Basic Auth (2015-03-23) www.rdegges.com
APIs arent apps Make them as thin and light as possible (2015-03-23) www.infoworld.com
HTML6 APIs as Natural Friends (2015-03-21) blog.smartbear.com
I have my opinions on API design (2015-03-20) bryson3gps.wordpress.com
The API Field of Dreams Build It Correctly and They Will Come (2015-03-18) www.developer.com
20 API Design Tips to Stop Annoying Developers (2015-03-17) jergames.blogspot.com
Why Your APIs Need Design Help (2015-03-16) www.digitalgov.gov
Designing a Web API (2015-03-16) restlet.com
10 Usability Lessons for APIs (2015-03-14) www.linkedin.com
Augmenting A Read Only API With AN External POST PUT And DELETE (2015-03-12) apievangelist.com
Facebook Applies Versioning Strategy to Marketing API (2015-03-10) www.programmableweb.com
Targeting Some APIs In My Stack For House Cleaning And Maybe Some Design Iterations (2015-03-09) apievangelist.com
Ideal REST API design betim drenicas blog (2015-03-09) betimdrenica.wordpress.com
We Need An Open Library Of The Most Common Utility API Implementations (2015-03-07) apievangelist.com
(2015-03-04) apievangelist.com
POST effyouthisistherighturl RESTful API Design (2015-03-04) blog.cloud-elements.com
Apigee Product Highlight Video SmartDocs (2015-03-03) apigee.com
My API Design Research (2015-03-03) apievangelist.com
Dropbox Sparks Controversy With API Design Decision (2015-03-03) www.programmableweb.com
Metadesign The intersection of art design and computation OReilly Radar (2015-03-02) radar.oreilly.com
ApplicationLevel Profile Semantics ALPS (2015-03-02) tools.ietf.org
Common Cases When Using SOAP Makes Sense (2015-03-02) nordicapis.com
Dropbox starts using POST and why this is poor API design (2015-03-02) evertpot.com
Hypermedia API maturity model Part I Hypermedianess (2015-02-28) apihandyman.io
The beautiful API and the bestial backoffice API Handyman (2015-02-27) apihandyman.io
Bizcoder Dont Design A Query String You Will One Day Regret (2015-02-26) www.bizcoder.com
Metadesign The intersection of art design and computation (2015-02-24) radar.oreilly.com
What Makes an Agile API (2015-02-24) nordicapis.com
My Brain Dump On An API Definition Fueled Life Cycle (2015-02-22) apievangelist.com
A Guide to REST API Design API Academy (2015-02-21) www.apiacademy.co
Using Templates For Documentation Driven API Design (2015-02-21) nordicapis.com
LucyBot Get your APIs consumers moving faster (2015-02-20) lucybot.com
LucyBot Eliminates CrossLanguage Programming Necessity (2015-02-20) www.programmableweb.com
MuleSoft Releases RAML NET Parser Visual Studio Extension (2015-02-20) www.programmableweb.com
Googles new CAPTCHA security login raises legitimate privacy concerns (GOOG) (2015-02-20) www.businessinsider.com
API Best Practices The Wrap Up (2015-02-20) blogs.mulesoft.com
Collaborators New External API (2015-02-19) blog.smartbear.com
Using Templates for Documentation Driven API Design (2015-02-19) nordicapis.com
The need for contextual information within multifactor authentication (2015-02-19) www.logintc.com
How API Description Languages Enable API IDEs (2015-02-18) www.programmableweb.com
Community Debates API Specification Alternatives (2015-02-18) www.infoq.com
Utilising API Blueprint in API Clients (2015-02-17) blog.apiary.io
apiaryioapiblueprint Gitter (2015-02-17) gitter.im
A Guide to REST API Design (2015-02-16) www.apiacademy.co
Why you must design your private API in english API Handyman (2015-02-08) apihandyman.io
Introducing the Organization Component in Codenvy (2015-01-22) blog.codenvy.com
Server Skeletons In Restlet Studio And APISpark (2015-01-06) apievangelist.com
Connecting Our History At The Digital Public Library of America Using APIs And JSONLD (2015-01-06) apievangelist.com
Does One API Description Language Fit an Entire Enterprise (2015-01-06) blog.soa.com
The Core of Your API (2014-12-23) www.windley.com
Restlet Studio, the First Cross-Language IDE for APIs (2014-12-03) restlet.com
Constructing URLs the easy way (2014-12-03) www.bizcoder.com
REST APIthy: #ReadFielding (2014-12-02) rest-apithy.blogspot.ca
(2014-09-26) www.futureinsights.com
API Readiness: do you have what you need? (2014-09-25) blog.smartbear.com
WillowTree Apps Applies Service Virtualization to API Development (2014-09-25) www.programmableweb.com
Designing APIs for the Web (2014-09-25) tehparadox.com
Bizcoder - A drive by review of the Uber API (2014-08-21) bizcoder.com
Creating Bottom Line Growth by Aligning APIs and Market Trends (2014-08-21) www.mashery.com
MuleSoft Summit Heads to Chicago New York (2014-08-20) blogs.mulesoft.com
A drive by review of the Uber API (2014-08-20) www.bizcoder.com
Integrating Mule ESB with .NET Based Rules Engines (2014-08-19) blogs.mulesoft.com
Retail Industry APIs and API Management: Helping Us Shop Til? We Drop (2014-08-14) www.mashery.com
Healthcare APIs: Just What the Doctor Ordered (2014-08-07) www.mashery.com
Building an easier on-ramp: Introducing the Anypoint Templates Library (2014-08-06) blogs.mulesoft.com
Stop Talking About Hypermedia and REST - Start Building Adaptable APIs (2014-08-05) www.mashery.com
Four Big Mistakes In Your REST API Strategy (2014-08-04) blog.dreamfactory.com
API Management 2.0: Empowering the Enterprise for the Third Industrial Revolution (2014-07-31) www.mashery.com
Reaffirming Intel Services? Connection with Developers and Open Source at OSCON (2014-07-30) www.mashery.com
Introducing the Anypoint Platform for APIs (2014-07-30) blogs.mulesoft.com
Best Practices REST API from Scratch - Introduction (2014-07-25) www.sitepoint.com
Upcoming Webinar ? Integrating Salesforce and SAP (2014-07-25) blogs.mulesoft.com
APIs: The Key to Surviving a Zombie Apocalypse? (2014-07-25) www.mashery.com
Don?t just throw APIs at the problem! (2014-07-24) blogs.mulesoft.com
HTTP Response Codes and You | OP3Nvoice (2014-07-23) clarify.io
Legos vs APIs ? Top Integration and API Articles of the Week (2014-07-18) blogs.mulesoft.com
Hot off the Press: 18F?s API Standards (2014-07-16) www.digitalgov.gov
The Real World Cup Winner: APIs (2014-07-16) blogs.mulesoft.com
Hot off the press: 18Fs API Standards (2014-07-15) 18fblog.tumblr.com
API-Centric Data Architectures - Part II (2014-06-24) apigee.com
What is a Developer Evangelist? (2014-06-23) www.mashery.com
Designing Irresistible APIs (2014-06-19) www.princesspolymath.com
Why You Should Care Netflix is Shuttering Its Public API (2014-06-18) blogs.mulesoft.com
New eBook: APIs and IT Rationalization (2014-06-16) apigee.com
What is the ?Internet of Things? and how does it relate to APIs? (2014-06-13) www.mashery.com
The Connected K-9 (2014-06-09) www.mashery.com
Happiness is a well-designed API | ZDNet (2014-06-06) www.zdnet.com
Wearables and Devices Will Drive a New Paradigm in Managing Clinical Data (2014-06-05) www.mashery.com
API Manager ? Simple JAVA Client Access Example (2014-06-03) blogs.mulesoft.com
JSON vs simpleJSON vs ultraJSON (2014-06-02) blog.dataweave.in
Toward a Lean API Strategy (2014-05-29) www.apiacademy.co
APIs, Connectors and Integration Applications (2014-04-17) blogs.mulesoft.com
API documentation made beautiful with Apiary.io (2014-02-28) www.itworld.com
FloridaSU Expands Innovation Lab with Cube 3D Printers (2014-02-28) www.3dsystems.com
A Practical? by D. Keith Casey Jr (2014-02-27) leanpub.com
Application Programming eXperience: It?s all about *X - Mobile Apps Stuff (2014-01-28) manfredbo.tumblr.com
Jakub Nesetril, CEO of Apiary on Web APIs and Developer Experience (2014-01-28) www.infoq.com
The Human Aspects of API Design: An Interview with Apiarys Jakub Nesetril (2013-11-14) www.infoq.com
More Thoughts on an API Commons (2013-11-10) www.3scale.net
Designing APIs for the Internet of Things (IoT) (2013-10-30) www.apiacademy.co
APIs At The Heart of your Mobile App Strategy (2013-10-28) blog.akana.com
How To Test REST API with API Blueprint and Dredd (2013-10-17) blog.apiary.io
No more outdated API documentation! (2013-10-10) blog.apiary.io
RAML - RESTful API modeling language (2013-10-02) raml.org
New API Blueprint available at Apiary (2013-10-02) blog.apiary.io
Apiary Is Growing (2013-09-17) blog.apiary.io
Learn how to find the Opportunity of Data at the 2013 Business of APIs Conference in San Francisco (2013-09-05) www.mashery.com
JSON and XML (2013-09-03) developer.infoconnect.com
MASHERY I/O DOCS - DOCS THAT ROCK (2013-08-27) www.mashery.com
Designing APIs for Asynchrony (2013-08-24) blog.izs.me
Api Design, Part 2: Design Messaging Styles By Balancing... (2013-08-20) www.forrester.com
Api Design, Part 4: Future-proof And Secure Your Apis... (2013-08-20) www.forrester.com
Api Design, Part 1: Rest Is The Leading But Not Only... (2013-08-20) www.forrester.com
Api Design, Part 3: Make Transactions And Error Handling... (2013-08-20) www.forrester.com
The Secrets of Awesome JavaScript API Design (2013-08-16) dzone.com
The Future of Medical Technology is Already in Your Hands (2013-08-08) www.mashery.com
The Importance of Impermanence in API Design (2013-08-06) www.programmableweb.com
HOW USA TODAYS API POWERS PARTNERSHIPS (2013-08-06) www.mashery.com
The Future of TV and APIs (2013-08-01) www.mashery.com
4 Fresh Rotten Tomatoes API Integrations (2013-07-31) www.mashery.com
Joshua Bloch: Bumper-Sticker API Design (2013-07-27) www.infoq.com
Unlock your datas Potential - Treat your APIs as Products (2013-07-12) www.mashery.com
Micro Service Architecture (2013-07-09) yobriefca.se
Treat Your API Users as Customers (2013-07-09) www.mashery.com
API Design: A New Model for Pragmatic REST (2013-07-04) blog.apigee.com
API Design: Harnessing HATEOAS, Part 2 (2013-07-03) blog.apigee.com
Signs youre veering from good API design (2013-07-03) blog.apiaxle.com
API Crafting Secrets: Into Flightstats APIs (2013-07-02) www.3scale.net
Presenting your API as a Product ? Designing your API for Data Exchanges (2013-07-01) www.mashery.com
Practical API Design: Confessions of a Java Framework Architect (2013-06-29) tinydl.com
Better Rest API design 1 (2013-06-27) hao-deng.blogspot.com
Present your API as a Product ? API Portal Presentation Best Practices (2013-06-26) www.mashery.com
Get packing with Masherys API Packager (2013-06-21) www.mashery.com
API Design: Harnessing HATEOAS, Part 1 (2013-06-20) apigee.com
Data-Driven Aesthetics (2013-06-19) www.nytimes.com
When Good API Design is a Waste of Time (2013-06-19) www.apiacademy.co
API Design: Honing in on HATEOAS (2013-06-17) apigee.com
RESTful APIs: White House Sets The Standard(s) (2013-06-17) www.programmableweb.com
Designing Hypermedia APIs (2013-06-11) www.designinghypermediaapis.com
API Design Wiki (2013-06-11) wiki.apidesign.org
Web API Design Cookbook (2013-06-11) www.w3.org
API Management ? The New Black? (2013-06-05) www.mashery.com
APIs vs. The Myth of the Omnichannel Retailer (2013-06-05) www.mashery.com
Why you should treat your API like a product (2013-06-04) www.mashery.com
Swagger with WSO2 API Manager (2013-05-31) blog.cobia.net
API Hierarchy of Needs | API UX (2013-05-30) apiux.com
Big Data, IoT, API...Newer technologies protected by older security (2013-05-30) www.mashery.com
Flying Higher with APIs (2013-05-23) www.mashery.com
Consistency is Key When Designing APIs (2013-05-22) blog.strikeiron.com
Omni-channel Explosion: Mashery Signs Strategic Agreement with NetSuite (2013-05-16) www.mashery.com
Mashery + Intel = The Ultimate Mashup (2013-05-09) www.mashery.com
Platform Success Strategies: Communicate the Value of Your API (2013-04-30) www.mashery.com
Stop Designing Fragile Web APIs by Mathieu Fenniak (2013-04-29) mathieu.fenniak.net
White House API Standards (2013-04-26) github.com
Three Ways to Think About API Design (2013-04-26) www.programmableweb.com
REST API Design Rulebook (2013-04-26) shop.oreilly.com
API Design and Architecture Boot Camp from Layer 7 (2013-04-26) www.ca.com
API Design and Documentation (2013-04-26) www.digitalgov.gov
API Design from Apigee (2013-04-26) apigee.com
Want to Attract Developers to your API? Set Them Free (2013-04-26) www.mashery.com
Designing APIs for Humans (2013-04-25) john-sheehan.com
Sports APIs ? A Perfect Fit (2013-04-25) www.mashery.com
APIs are changing the game for data delivery (2013-04-23) www.mashery.com
Machine Sensor Data, APIs and Productivity (2013-04-18) www.mashery.com
Connecting with APIs (2013-04-16) www.mashery.com
Creative Market Launches Photoshop Extension, Announces Upcoming Release of New API (2013-04-11) www.programmableweb.com
Designing A RESTful API That Doesnt Suck (2013-03-24) devo.ps
New API Blueprint Format Basics?The Apiary Blog (2013-02-21) blog.apiary.io
API Design Development Guidelines (2013-02-16) dzone.com
API Design from Apigee - 3rd Edition (2013-01-16) apigee.com
OData and Impact on API Design (video slides) (2012-06-03) apigee.com
Why Startups Need an API (2012-04-21) tune.com

If you think there is a link I should have listed here feel free to tweet it at me, or submit as a Github issue. Even though I do this full time, I'm still a one person show, and I miss quite a bit, and depend on my network to help me know what is going on.

API Authentication Organizations

These are the organizations I come across in my research who are doing interesting things in the API space. They could be companies, institutions, government agencies, or any other type of organizational entity. My goal is to aggregate so I can stay in tune with what they are up to and how it impacts the API space.


Authenticate and authorize apps and APIs with any popular identity provider (enterprise, social or custom) running on any popular software stack on any popular device or cloud with Auth0's identity-as-a-service. Run from the Auth0 public cloud service, from a private cloud instance, or on-prem. Auth0 allows developers to replace painfully brittle in-app auth code with a call to an easy-to-use cloud service. Auth0 is particularly useful in eliminating the pain of dealing with a complex identity environment. Auth0 further allows IT to quickly set up SSO for any SAML-compliant 3rd party app (SaaS or on-prem).


Authy is a the simplest way to add two-factor authentication to any Website or App. Authy provides a simple API for developers to customize the user experience when they add Two-Factor Authentication as well as multiple addons for common Application such as Wordpres

AWS Cognito

Amazon Cognito lets you easily add user sign-up and sign-in to your mobile and web apps. With Amazon Cognito, you also have the options to authenticate users through social identity providers such as Facebook, Twitter, or Amazon, with SAML identity solutions, or by using your own identity system. In addition, Amazon Cognito enables you to save data locally on users devices, allowing your applications to work even when the devices are offline. You can then synchronize data across users devices so that their app experience remains consistent regardless of the device they use. With Amazon Cognito, you can focus on creating great app experiences instead of worrying about building, securing, and scaling a solution to handle user management, authentication, and sync across devices.

AWS Config

AWS Config is a fully managed service that provides you with an AWS resource inventory, configuration history, and configuration change notifications to enable security and governance. Config Rules enables you to create rules that automatically check the configuration of AWS resources recorded by AWS Config. With AWS Config, you can discover existing and deleted AWS resources, determine your overall compliance against rules, and dive into configuration details of a resource at any point in time. These capabilities enable compliance auditing, security analysis, resource change tracking, and troubleshooting.

AWS Directory Service

AWS Directory Service for Microsoft Active Directory (Enterprise Edition), also known as AWS Microsoft AD, enables your directory-aware workloads and AWS resources to use managed Active Directory in the AWS Cloud. The Microsoft AD service is built on actual Microsoft Active Directory and does not require you to synchronize or replicate data from your existing Active Directory to the cloud. You can use standard Active Directory administration tools and take advantage of built-in Active Directory features such as Group Policy, trusts, and single sign-on. With Microsoft AD, you can easily join Amazon EC2 and Amazon RDS for SQL Server instances to a domain, and use AWS Enterprise IT applications such as Amazon WorkSpaces with Active Directory users and groups.

AWS Identity and Access Management

AWS Identity and Access Management (IAM) enables you to securely control access to AWS services and resources for your users. Using IAM, you can create and manage AWS users and groups, and use permissions to allow and deny their access to AWS resources.  IAM is a feature of your AWS account offered at no additional charge. You will be charged only for use of other AWS services by your users. To get started using IAM, or if you have already registered with AWS, go to the AWS Management Console and get started with these IAM Best Practices.

AWS Security Token Service

The AWS Security Token Service (STS) is a web service that enables you to request temporary, limited-privilege credentials for AWS Identity and Access Management (IAM) users or for users that you authenticate (federated users).

Azure Key Vault

Azure Key Vault offers an easy, cost-effective way to safeguard keys and other secrets in the cloud by using hardware security modules (HSMs). Protect cryptographic keys and small secrets like passwords with keys stored in HSMs. For added assurance, import or generate your keys in HSMs that are certified to FIPS 140-2 level 2 and Common Criteria EAL4+ standards, so that your keys stay within the HSM boundary. Key Vault is designed so that Microsoft does not see or extract your keys. Create new keys for Dev-Test in minutes and migrate seamlessly to production keys managed by security operations. Key Vault scales to meet the demands of your cloud applications without the hassle required to provision, deploy, and manage HSMs and key management software.

Duo Security

Duo Security enables protected login and transactional functions for smartphones users. It does this by sending users authorization verification from web-based platform to their phones, in addition to their login. Their REST API provides integration to their two-factor authentication process. It is a RESTful API, and returns JSON (defaut), BSON, and XML responses.


Gigya provides websites with a complete social infrastructure that creates immersive social experiences for users and provides unparalleled customer insights for businesses. Gigya equips businesses like ABC, Pepsi, and Verizon with a comprehensive solution to socialize their online properties.


Gluu provides open source authentication and API access management stack, called the Gluu Server, helps companies secure Web and mobile applications. The Gluu Server leverages standards such as OAuth2, OpenID Connect, UMA, SAML 2.0, and SCIM to enable federated single sign-on (SSO) and trust elevation. The Gluu Server is used by universities, government agencies, and companies to secure employee facing and consumer network services. Deployed on one or more dedicated servers and the IaaS platform of your choice, the Gluu Server improves the quality and drives down the cost of an increasingly complex and mission critical IT service: authentication and authorization (AA).

Google Cloud Identity & Access Management (IAM)

Google Cloud Identity & Access Management (IAM) lets administrators authorize who can take action on specific resources, giving you full control and visibility to manage cloud resources centrally. For established enterprises with complex organizational structures, hundreds of workgroups and potentially many more projects, Cloud IAM provides a unified view into security policy across your entire organization, with built-in auditing to ease compliance processes.

Google Cloud Key Management Service (KMS)

Cloud KMS is a cloud-hosted key management service that lets you manage encryption for your cloud services the same way you do on-premises. You can generate, use, rotate and destroy AES256 encryption keys. Cloud KMS is integrated with IAM and Cloud Audit Logging so that you can manage permissions on individual keys, and monitor how these are used. Use Cloud KMS to protect secrets and other sensitive data which you need to store in Google Cloud Platform.

Google Cloud User Accounts

Service for managing the global Google Cloud user accounts. This API reference is organized by resource type. Each resource type has one or more data representations and one or more methods.

Google OAuth2

Google APIs use the OAuth 2.0 protocol for authentication and authorization. Google supports common OAuth 2.0 scenarios such as those for web server, installed, and client-side applications. To begin, obtain OAuth 2.0 client credentials from the Google API Console. Then your client application requests an access token from the Google Authorization Server, extracts a token from the response, and sends the token to the Google API that you want to access. For an interactive demonstration of using OAuth 2.0 with Google (including the option to use your own client credentials), experiment with the OAuth 2.0 Playground.


The Janrain User Management Platform (JUMP) helps organizations succeed on the social web by providing leading technology to leverage the popularity of social networks and identities for user acquisition, engagement, and enhanced customer intelligence. Our solutions, including social login, social sharing, social profile data collection and storage, access to the social graph, game mechanics, and digital strategy services, improve the effectiveness of online marketing initiatives for leading brands like Fox, Universal Music Group, Whole Foods, MTV, Purina, Avis and Dr Pepper.


To keep your business ahead of current Internet trends, we at LoginRadius came up with a different approach to the log-in process. Using LoginRadius, you can easily integrate social logins on your website and allow users to login with their existing accounts on Facebook, Google, Yahoo, Twitter and over 20 more providers. By eliminating lengthy and sometimes irritating registration process, not only will your website attract more traffic but also boost your user base. LoginRadius is a “Software As A Service” (SAAS).


The LoginTC application, when enabled with a LoginTC token, allows you to securely log on to LoginTC-enabled websites and applications. This LoginTC app (available for Android, BlackBerry, and iOS platforms) allows a user to have multiple LoginTC tokens to access multiple LoginTC-enabled websites and applications. The administrator of every LoginTC-protected website you subscribe will provide you with an Activation Code and the LoginTC Name created for you via e-mail, over the phone, or via post mail.


miiCard (My Internet Identity) is a global Identity as a Service solution that proves  ‘you are who you say you are’,  purely online, in minutes and to the same level as a physical passport or photo ID check.  Through a patented process that leverages the trust between an individual and their financial institution, miiCard establishes identity to Level of Assurance 3+ and meets Know Your Customer and Anti-Money Laundering identity guidelines, enabling the sale of regulated products and services purely online.  Combining online identity proofing with strong authentication, miiCard provides the trust and security required for people and businesses to meet and transact with confidence in a purely digital environment.


OAuth.io is a dead simple OAuth solution that allows you to integrate the common API providers, with just three lines of JavaScript, completely abstracting away the complexity of OAuth integration. By using OAuth.io, you are free to focus your attention on product development instead of losing time on API integration using OAuth.


Okta is the foundation for secure connections between people and technology. By harnessing the power of the cloud, Okta allows people to access applications on any device at any time, while still enforcing strong security protections. It integrates directly with an organization's existing directories and identity systems, as well as 4,000+ applications.


User-Managed Access (UMA) is an OAuth-based protocol that enables an individual to control the authorization of data sharing and service access made by others. The OpenUMA community shares an interest in informing, improving, and extending the development of UMA-compatible open-source software as part of ForgeRock’s Open Identity Stack.


Stormpath is an authentication and user management service that helps development teams quickly and securely build web and mobile applications and services. With the Stormpath API, you can add a user management layer to simple or complex applications, with little custom code.

If you think there is an organization I should have listed here feel free to tweet it at me, or submit as a Github issue. Even though I do this full time, I'm still a one person show, and I miss quite a bit, and depend on my network to help me know what is going on.

API Authentication Tooling

As I study each API, and API related service, I'm always looking for open source tooling that has been developed around each area of the API life cycle. This is an aggregate of tooling I've come across and aggregated as part of my API testing research.



An Oauth2 authentication service for microservices


A Javascript RESTFUL API library for connecting with OAuth2 services, such as Google+ API, Facebook Graph and Windows Live Connect


You know that blue “Share” button in Google Apps? Ever wanted to add a feature like that to your own app or API ecosystem? The UMA protocol enables you to do just that. User-Managed Access (UMA) is an OAuth-based protocol that enables an individual to control the authorization of data sharing and service access made by others. The OpenUMA community shares an interest in informing, improving, and extending the development of UMA-compatible open-source software as part of ForgeRock’s Open Identity Stack.


A fully tested, abstract interface to creating OAuth clients and servers.

If there is a tool that you think should be listed here, let me know by submitting a Github issue or Tweeting a link at me. I'm always looking for new types of tools, and get better at organizing them here and making sense.