Oauth 2 In Action

Author : Justin Richer,Antonio Sanso
Publisher : Simon and Schuster
Page : 461 pages
File Size : 50,9 Mb
Release : 2017-03-06
Category : Computers
ISBN : 9781638352280

Get Book

OAuth 2 in Action by Justin Richer,Antonio Sanso Pdf

"Provides pragmatic guidance on what to do ... and what not to do." - From the Foreword by Ian Glazer, Salesforce OAuth 2 in Action teaches you the practical use and deployment of this HTTP-based protocol from the perspectives of a client, authorization server, and resource server. You'll learn how to confidently and securely build and deploy OAuth on both the client and server sides. Foreword by Ian Glazer. Purchase of the print book includes a free eBook in PDF, Kindle, and ePub formats from Manning Publications. About the Technology Think of OAuth 2 as the web version of a valet key. It is an HTTP-based security protocol that allows users of a service to enable applications to use that service on their behalf without handing over full control. And OAuth is used everywhere, from Facebook and Google, to startups and cloud services. About the Book OAuth 2 in Action teaches you practical use and deployment of OAuth 2 from the perspectives of a client, an authorization server, and a resource server. You'll begin with an overview of OAuth and its components and interactions. Next, you'll get hands-on and build an OAuth client, an authorization server, and a protected resource. Then you'll dig into tokens, dynamic client registration, and more advanced topics. By the end, you'll be able to confidently and securely build and deploy OAuth on both the client and server sides. What's Inside Covers OAuth 2 protocol and design Authorization with OAuth 2 OpenID Connect and User-Managed Access Implementation risks JOSE, introspection, revocation, and registration Protecting and accessing REST APIs About the Reader Readers need basic programming skills and knowledge of HTTP and JSON. About the Author Justin Richer is a systems architect and software engineer. Antonio Sanso is a security software engineer and a security researcher. Both authors contribute to open standards and open source. Table of Contents What is OAuth 2.0 and why should you care? The OAuth dance Building a simple OAuth client Building a simple OAuth protected resource Building a simple OAuth authorization server OAuth 2.0 in the real world Common client vulnerabilities Common protected resources vulnerabilities Common authorization server vulnerabilities Common OAuth token vulnerabilities OAuth tokens Dynamic client registration User authentication with OAuth 2.0 Protocols and profiles using OAuth 2.0 Beyond bearer tokens Summary and conclusions Part 1 - First steps Part 2 - Building an OAuth 2 environment Part 3 - OAuth 2 implementation and vulnerabilities Part 4 - Taking OAuth further

Author : Anonim
Publisher : Unknown
Page : 128 pages
File Size : 41,9 Mb
Release : 2018
Category : Electronic
ISBN : 896077104X

Get Book

OAuth 2 in action by Anonim Pdf

Author : Ryan Boyd
Publisher : "O'Reilly Media, Inc."
Page : 81 pages
File Size : 55,6 Mb
Release : 2012-02-22
Category : Computers
ISBN : 9781449331610

Get Book

Getting Started with OAuth 2.0 by Ryan Boyd Pdf

Whether you develop web applications or mobile apps, the OAuth 2.0 protocol will save a lot of headaches. This concise introduction shows you how OAuth provides a single authorization technology across numerous APIs on the Web, so you can securely access users’ data—such as user profiles, photos, videos, and contact lists—to improve their experience of your application. Through code examples, step-by-step instructions, and use-case examples, you’ll learn how to apply OAuth 2.0 to your server-side web application, client-side app, or mobile app. Find out what it takes to access social graphs, store data in a user’s online filesystem, and perform many other tasks. Understand OAuth 2.0’s role in authentication and authorization Learn how OAuth’s Authorization Code flow helps you integrate data from different business applications Discover why native mobile apps use OAuth differently than mobile web apps Use OpenID Connect and eliminate the need to build your own authentication system

Author : Neil Madden
Publisher : Simon and Schuster
Page : 574 pages
File Size : 41,6 Mb
Release : 2020-11-20
Category : Computers
ISBN : 9781638356646

Get Book

API Security in Action by Neil Madden Pdf

"A comprehensive guide to designing and implementing secure services. A must-read book for all API practitioners who manage security." - Gilberto Taccari, Penta API Security in Action teaches you how to create secure APIs for any situation. By following this hands-on guide you’ll build a social network API while mastering techniques for flexible multi-user security, cloud key management, and lightweight cryptography. A web API is an efficient way to communicate with an application or service. However, this convenience opens your systems to new security risks. API Security in Action gives you the skills to build strong, safe APIs you can confidently expose to the world. Inside, you’ll learn to construct secure and scalable REST APIs, deliver machine-to-machine interaction in a microservices architecture, and provide protection in resource-constrained IoT (Internet of Things) environments. Purchase of the print book includes a free eBook in PDF, Kindle, and ePub formats from Manning Publications. About the technology APIs control data sharing in every service, server, data store, and web client. Modern data-centric designs—including microservices and cloud-native applications—demand a comprehensive, multi-layered approach to security for both private and public-facing APIs. About the book API Security in Action teaches you how to create secure APIs for any situation. By following this hands-on guide you’ll build a social network API while mastering techniques for flexible multi-user security, cloud key management, and lightweight cryptography. When you’re done, you’ll be able to create APIs that stand up to complex threat models and hostile environments. What's inside Authentication Authorization Audit logging Rate limiting Encryption About the reader For developers with experience building RESTful APIs. Examples are in Java. About the author Neil Madden has in-depth knowledge of applied cryptography, application security, and current API security technologies. He holds a Ph.D. in Computer Science. Table of Contents PART 1 - FOUNDATIONS 1 What is API security? 2 Secure API development 3 Securing the Natter API PART 2 - TOKEN-BASED AUTHENTICATION 4 Session cookie authentication 5 Modern token-based authentication 6 Self-contained tokens and JWTs PART 3 - AUTHORIZATION 7 OAuth2 and OpenID Connect 8 Identity-based access control 9 Capability-based security and macaroons PART 4 - MICROSERVICE APIs IN KUBERNETES 10 Microservice APIs in Kubernetes 11 Securing service-to-service APIs PART 5 - APIs FOR THE INTERNET OF THINGS 12 Securing IoT communications 13 Securing IoT APIs

Author : John Carnell,Kalpit Patel
Publisher : Simon and Schuster
Page : 443 pages
File Size : 55,6 Mb
Release : 2017-06-11
Category : Computers
ISBN : 9781638354222

Get Book

Spring Microservices in Action by John Carnell,Kalpit Patel Pdf

Summary Spring Microservices in Action teaches you how to build microservice-based applications using Java and the Spring platform. Purchase of the print book includes a free eBook in PDF, Kindle, and ePub formats from Manning Publications. About the technology Microservices break up your code into small, distributed, and independent services that require careful forethought and design. Fortunately, Spring Boot and Spring Cloud simplify your microservice applications, just as the Spring Framework simplifies enterprise Java development. Spring Boot removes the boilerplate code involved with writing a REST-based service. Spring Cloud provides a suite of tools for the discovery, routing, and deployment of microservices to the enterprise and the cloud. About the Book Spring Microservices in Action teaches you how to build microservice-based applications using Java and the Spring platform. You'll learn to do microservice design as you build and deploy your first Spring Cloud application. Throughout the book, carefully selected real-life examples expose microservice-based patterns for configuring, routing, scaling, and deploying your services. You'll see how Spring's intuitive tooling can help augment and refactor existing applications with micro services. What's Inside Core microservice design principles Managing configuration with Spring Cloud Config Client-side resiliency with Spring, Hystrix, and Ribbon Intelligent routing using Netflix Zuul Deploying Spring Cloud applications About the Reader This book is written for developers with Java and Spring experience. About the Author John Carnell is a senior cloud engineer with twenty years of experience in Java. Table of contents Welcome to the cloud, Spring Building microservices with Spring Boot Controlling your configuration with Spring Cloud configuration server On service discovery When bad things happen: client resiliency patterns with Spring Cloud and Netflix Hystrix Service routing with Spring Cloud and Zuul Securing your microservices Event-driven architecture with Spring Cloud Stream Distributed tracing with Spring Cloud Sleuth and Zipkin Deploying your microservices

Author : Charles Bihis
Publisher : Packt Publishing Ltd
Page : 238 pages
File Size : 46,5 Mb
Release : 2015-12-15
Category : Computers
ISBN : 9781784392307

Get Book

Mastering OAuth 2.0 by Charles Bihis Pdf

Create powerful applications to interact with popular service providers such as Facebook, Google, Twitter, and more by leveraging the OAuth 2.0 Authorization Framework About This Book Learn how to use the OAuth 2.0 protocol to interact with the world's most popular service providers, such as Facebook, Google, Instagram, Slack, Box, and more Master the finer details of this complex protocol to maximize the potential of your application while maintaining the utmost of security Step through the construction of a real-world working application that logs you in with your Facebook account to create a compelling infographic about the most important person in the world—you! Who This Book Is For If you are an application developer, software architect, security engineer, or even a casual programmer looking to leverage the power of OAuth, Mastering OAuth 2.0 is for you. Covering basic topics such as registering your application and choosing an appropriate workflow, to advanced topics such as security considerations and extensions to the specification, this book has something for everyone. A basic knowledge of programming and OAuth is recommended. What You Will Learn Discover the power and prevalence of OAuth 2.0 and use it to improve your application's capabilities Step through the process of creating a real-world application that interacts with Facebook using OAuth 2.0 Examine the various workflows described by the specification, looking at what they are and when to use them Learn about the many security considerations involved with creating an application that interacts with other service providers Develop your debugging skills with dedicated pages for tooling and troubleshooting Build your own rich, powerful applications by leveraging world-class technologies from companies around the world In Detail OAuth 2.0 is a powerful authentication and authorization framework that has been adopted as a standard in the technical community. Proper use of this protocol will enable your application to interact with the world's most popular service providers, allowing you to leverage their world-class technologies in your own application. Want to log your user in to your application with their Facebook account? Want to display an interactive Google Map in your application? How about posting an update to your user's LinkedIn feed? This is all achievable through the power of OAuth. With a focus on practicality and security, this book takes a detailed and hands-on approach to explaining the protocol, highlighting important pieces of information along the way. At the beginning, you will learn what OAuth is, how it works at a high level, and the steps involved in creating an application. After obtaining an overview of OAuth, you will move on to the second part of the book where you will learn the need for and importance of registering your application and types of supported workflows. You will discover more about the access token, how you can use it with your application, and how to refresh it after expiration. By the end of the book, you will know how to make your application architecture robust. You will explore the security considerations and effective methods to debug your applications using appropriate tools. You will also have a look at special considerations to integrate with OAuth service providers via native mobile applications. In addition, you will also come across support resources for OAuth and credentials grant. Style and approach With a focus on practicality and security, Mastering OAuth 2.0 takes a top-down approach at exploring the protocol. Discussed first at a high level, examining the importance and overall structure of the protocol, the book then dives into each subject, adding more depth as we proceed. This all culminates in an example application that will be built, step by step, using the valuable and practical knowledge you have gained.

Author : Peter Elger,Eóin Shanaghy
Publisher : Simon and Schuster
Page : 326 pages
File Size : 43,6 Mb
Release : 2020-09-05
Category : Computers
ISBN : 9781638350439

Get Book

AI as a Service by Peter Elger,Eóin Shanaghy Pdf

AI as a Service is a practical handbook to building and implementing serverless AI applications, without bogging you down with a lot of theory. Instead, you’ll find easy-to-digest instruction and two complete hands-on serverless AI builds in this must-have guide! Summary Companies everywhere are moving everyday business processes over to the cloud, and AI is increasingly being given the reins in these tasks. As this massive digital transformation continues, the combination of serverless computing and AI promises to become the de facto standard for business-to-consumer platform development—and developers who can design, develop, implement, and maintain these systems will be in high demand! AI as a Service is a practical handbook to building and implementing serverless AI applications, without bogging you down with a lot of theory. Instead, you’ll find easy-to-digest instruction and two complete hands-on serverless AI builds in this must-have guide! Purchase of the print book includes a free eBook in PDF, Kindle, and ePub formats from Manning Publications. About the technology Cloud-based AI services can automate a variety of labor intensive business tasks in areas such as customer service, data analysis, and financial reporting. The secret is taking advantage of pre-built tools like Amazon Rekognition for image analysis or AWS Comprehend for natural language processing. That way, there’s no need to build expensive custom software. Artificial Intelligence (AI), a machine’s ability to learn and make predictions based on patterns it identifies, is already being leveraged by businesses around the world in areas like targeted product recommendations, financial forecasting and resource planning, customer service chatbots, healthcare diagnostics, data security, and more. With the exciting combination of serverless computing and AI, software developers now have enormous power to improve their businesses’ existing systems and rapidly deploy new AI-enabled platforms. And to get on this fast-moving train, you don’t have to invest loads of time and effort in becoming a data scientist or AI expert, thanks to cloud platforms and the readily available off-the-shelf cloud-based AI services! About the book AI as a Service is a fast-paced guide to harnessing the power of cloud-based solutions. You’ll learn to build real-world apps—such as chatbots and text-to-speech services—by stitching together cloud components. Work your way from small projects to large data-intensive applications. What's inside - Apply cloud AI services to existing platforms - Design and build scalable data pipelines - Debug and troubleshoot AI services - Start fast with serverless templates About the reader For software developers familiar with cloud basics. About the author Peter Elger and Eóin Shanaghy are founders and CEO/CTO of fourTheorem, a software solutions company providing expertise on architecture, DevOps, and machine learning. Table of Contents PART 1 - FIRST STEPS 1 A tale of two technologies 2 Building a serverless image recognition system, part 1 3 Building a serverless image recognition system, part 2 PART 2 - TOOLS OF THE TRADE 4 Building and securing a web application the serverless way 5 Adding AI interfaces to a web application 6 How to be effective with AI as a Service 7 Applying AI to existing platforms PART 3 - BRINGING IT ALL TOGETHER 8 Gathering data at scale for real-world AI 9 Extracting value from large data sets with AI

Author : Joseph K. Liu,Xinyi Huang
Publisher : Springer Nature
Page : 740 pages
File Size : 51,6 Mb
Release : 2019-12-10
Category : Computers
ISBN : 9783030369385

Get Book

Network and System Security by Joseph K. Liu,Xinyi Huang Pdf

This book constitutes the proceedings of the 13th International Conference on Network and System Security, NSS 2019, held in Sapporo, Japan, in December 2019. The 36 full papers and 7 short papers presented together with 4 invited papers in this book were carefully reviewed and selected from 89 initial submissions. The papers cover a wide range of topics in the field, including authentication, access control, availability, integrity, privacy, confidentiality, dependability and sustainability of computer networks and systems.

Author : Arnaud Lauret
Publisher : Simon and Schuster
Page : 602 pages
File Size : 40,5 Mb
Release : 2019-10-08
Category : Computers
ISBN : 9781638351191

Get Book

The Design of Web APIs by Arnaud Lauret Pdf

Summary The Design of Web APIs is a practical, example-packed guide to crafting extraordinary web APIs. Author Arnaud Lauret demonstrates fantastic design principles and techniques you can apply to both public and private web APIs. About the technology An API frees developers to integrate with an application without knowing its code-level details. Whether you’re using established standards like REST and OpenAPI or more recent approaches like GraphQL or gRPC, mastering API design is a superskill. It will make your web-facing services easier to consume and your clients—internal and external—happier. About the book Drawing on author Arnaud Lauret's many years of API design experience, this book teaches you how to gather requirements, how to balance business and technical goals, and how to adopt a consumer-first mindset. It teaches effective practices using numerous interesting examples. What's inside Characteristics of a well-designed API User-oriented and real-world APIs Secure APIs by design Evolving, documenting, and reviewing API designs About the reader Written for developers with minimal experience building and consuming APIs. About the author A software architect with extensive experience in the banking industry, Arnaud Lauret has spent 10 years using, designing, and building APIs. He blogs under the name of API Handyman and has created the API Stylebook website.

Author : Reza Montasari,Hamid Jahankhani,Haider Al-Khateeb
Publisher : Springer Nature
Page : 322 pages
File Size : 53,6 Mb
Release : 2021-11-26
Category : Computers
ISBN : 9783030871666

Get Book

Challenges in the IoT and Smart Environments by Reza Montasari,Hamid Jahankhani,Haider Al-Khateeb Pdf

This book is an invaluable reference for those operating within the fields of Cyber Security, Digital Forensics, Digital Policing, Computer Science and Artificial Intelligence. The Internet of Things (IoT) ecosystem presents a wide range of consumer, infrastructure, organisational, industrial and military applications. The IoT technologies such as intelligent health-connected devices; unmanned aerial vehicles (UAVs); smart grids; cyber-physical and cyber-biological systems; and the Internet of Military/Battlefield Things offer a myriad of benefits both individually and collectively. For example, implantable devices could be utilised to save or enhance patients’ lives or offer preventative treatments. However, notwithstanding its many practical and useful applications, the IoT paradigm presents numerous challenges spanning from technical, legal and investigative issues to those associated with security, privacy and ethics. Written by internationally-renowned experts in the field, this book aims to contribute to addressing some of these challenges. Lawyers, psychologists and criminologists could also find this book a very valuable resource at their disposal, and technology enthusiasts might find the book interesting. Furthermore, the book is an excellent advanced text for research and master’s degree students as well as undergraduates at their final years of studies in the stated fields.

Author : Michael Howard,Simone Curzi,Heinrich Gantenbein
Publisher : Microsoft Press
Page : 1056 pages
File Size : 40,7 Mb
Release : 2022-12-05
Category : Computers
ISBN : 9780137908684

Get Book

Designing and Developing Secure Azure Solutions by Michael Howard,Simone Curzi,Heinrich Gantenbein Pdf

Plan, build, and maintain highly secure Azure applications and workloads As business-critical applications and workloads move to the Microsoft Azure cloud, they must stand up against dangerous new threats. That means you must build robust security into your designs, use proven best practices across the entire development lifecycle, and combine multiple Azure services to optimize security. Now, a team of leading Azure security experts shows how to do just that. Drawing on extensive experience securing Azure workloads, the authors present a practical tutorial for addressing immediate security challenges, and a definitive design reference to rely on for years. Learn how to make the most of the platform by integrating multiple Azure security technologies at the application and network layers— taking you from design and development to testing, deployment, governance, and compliance. About You This book is for all Azure application designers, architects, developers, development managers, testers, and everyone who wants to make sure their cloud designs and code are as secure as possible. Discover powerful new ways to: Improve app / workload security, reduce attack surfaces, and implement zero trust in cloud code Apply security patterns to solve common problems more easily Model threats early, to plan effective mitigations Implement modern identity solutions with OpenID Connect and OAuth2 Make the most of Azure monitoring, logging, and Kusto queries Safeguard workloads with Azure Security Benchmark (ASB) best practices Review secure coding principles, write defensive code, fix insecure code, and test code security Leverage Azure cryptography and confidential computing technologies Understand compliance and risk programs Secure CI / CD automated workflows and pipelines Strengthen container and network security

Author : Tiago Prince Sales,Henderik A. Proper,Giancarlo Guizzardi,Marco Montali,Fabrizio Maria Maggi,Claudenir M. Fonseca
Publisher : Springer Nature
Page : 386 pages
File Size : 51,9 Mb
Release : 2023-02-23
Category : Business & Economics
ISBN : 9783031268861

Get Book

Enterprise Design, Operations, and Computing. EDOC 2022 Workshops by Tiago Prince Sales,Henderik A. Proper,Giancarlo Guizzardi,Marco Montali,Fabrizio Maria Maggi,Claudenir M. Fonseca Pdf

This book constitutes revised selected papers from the international workshops, the EDOC Forum and the Demonstration and Doctoral Consortium track, that were held at the 26th International Conference on Enterprise Design, Operations, and Computing, EDOC 2022. The conference took place in Bozen-Bolzano, Italy, during October 3–7, 2022. The conference focuses on the area of enterprise computing, this year with the special emphasis on the theme of designing and operating “Flexible Enterprises”. Workshops within EDOC cover more focused topics and allow for the presentation and discussion of work that is in the earlier development stages. The 18 full and 8 short papers included in this volume were carefully reviewed and selected from 82 submissions. They stem from the following satellite events: – Workshop on Intelligent Digital Architecture, Methods, and Services for Industry 4.0 and Society 5.0 (IDAMS) – 14th Workshop on Service-oriented Enterprise Architecture for Enterprise Engineering (SoEA4EE) – 17th Workshop on Trends in Enterprise Architecture Research (TEAR) – EDOC Forum – Demonstrations Track – Doctoral Consortium

Author : Jyotsna Kumar Mandal,Devadatta Sinha
Publisher : Springer
Page : 734 pages
File Size : 45,5 Mb
Release : 2018-08-23
Category : Computers
ISBN : 9789811313431

Get Book

Social Transformation – Digital Way by Jyotsna Kumar Mandal,Devadatta Sinha Pdf

This book constitutes the refereed proceedings of the 52nd Annual Convention of the Computer Society of India, CSI 2017, held in Kolkata, India, in January 2018. The 59 revised papers presented were carefully reviewed and selected from 157 submissions. The theme of CSI 2017, Social Transformation – Digital Way, was selected to highlight the importance of technology for both central and state governments at their respective levels to achieve doorstep connectivity with its citizens. The papers are organized in the following topical sections: Signal processing, microwave and communication engineering; circuits and systems; data science and data analytics; bio computing; social computing; mobile, nano, quantum computing; data mining; security and forensics; digital image processing; and computational intelligence.

Author : Laurentiu Spilca
Publisher : Manning Publications
Page : 558 pages
File Size : 40,8 Mb
Release : 2020-11-03
Category : Computers
ISBN : 9781617297731

Get Book

Spring Security in Action by Laurentiu Spilca Pdf

Spring Security in Action shows you how to prevent cross-site scripting and request forgery attacks before they do damage. You’ll start with the basics, simulating password upgrades and adding multiple types of authorization. As your skills grow, you'll adapt Spring Security to new architectures and create advanced OAuth2 configurations. By the time you're done, you'll have a customized Spring Security configuration that protects against threats both common and extraordinary. Summary While creating secure applications is critically important, it can also be tedious and time-consuming to stitch together the required collection of tools. For Java developers, the powerful Spring Security framework makes it easy for you to bake security into your software from the very beginning. Filled with code samples and practical examples, Spring Security in Action teaches you how to secure your apps from the most common threats, ranging from injection attacks to lackluster monitoring. In it, you'll learn how to manage system users, configure secure endpoints, and use OAuth2 and OpenID Connect for authentication and authorization. Purchase of the print book includes a free eBook in PDF, Kindle, and ePub formats from Manning Publications. About the technology Security is non-negotiable. You rely on Spring applications to transmit data, verify credentials, and prevent attacks. Adopting "secure by design" principles will protect your network from data theft and unauthorized intrusions. About the book Spring Security in Action shows you how to prevent cross-site scripting and request forgery attacks before they do damage. You’ll start with the basics, simulating password upgrades and adding multiple types of authorization. As your skills grow, you'll adapt Spring Security to new architectures and create advanced OAuth2 configurations. By the time you're done, you'll have a customized Spring Security configuration that protects against threats both common and extraordinary. What's inside Encoding passwords and authenticating users Securing endpoints Automating security testing Setting up a standalone authorization server About the reader For experienced Java and Spring developers. About the author Laurentiu Spilca is a dedicated development lead and trainer at Endava, with over ten years of Java experience. Table of Contents PART 1 - FIRST STEPS 1 Security Today 2 Hello Spring Security PART 2 - IMPLEMENTATION 3 Managing users 4 Dealing with passwords 5 Implementing authentication 6 Hands-on: A small secured web application 7 Configuring authorization: Restricting access 8 Configuring authorization: Applying restrictions 9 Implementing filters 10 Applying CSRF protection and CORS 11 Hands-on: A separation of responsibilities 12 How does OAuth 2 work? 13 OAuth 2: Implementing the authorization server 14 OAuth 2: Implementing the resource server 15 OAuth 2: Using JWT and cryptographic signatures 16 Global method security: Pre- and postauthorizations 17 Global method security: Pre- and postfiltering 18 Hands-on: An OAuth 2 application 19 Spring Security for reactive apps 20 Spring Security testing

Author : Badrinarayanan Lakshmiraghavan
Publisher : Apress
Page : 402 pages
File Size : 50,9 Mb
Release : 2013-05-13
Category : Computers
ISBN : 9781430257837

Get Book

Pro ASP.NET Web API Security by Badrinarayanan Lakshmiraghavan Pdf

ASP.NET Web API is a key part of ASP.NET MVC 4 and the platform of choice for building RESTful services that can be accessed by a wide range of devices. Everything from JavaScript libraries to RIA plugins, RFID readers to smart phones can consume your services using platform-agnostic HTTP. With such wide accessibility, securing your code effectively needs to be a top priority. You will quickly find that the WCF security protocols you’re familiar with from .NET are less suitable than they once were in this new environment, proving themselves cumbersome and limited in terms of the standards they can work with. Fortunately, ASP.NET Web API provides a simple, robust security solution of its own that fits neatly within the ASP.NET MVC programming model and secures your code without the need for SOAP, meaning that there is no limit to the range of devices that it can work with – if it can understand HTTP, then it can be secured by Web API. These SOAP-less security techniques are the focus of this book.