Building an API Product

You're reading from Building an API Product: Design, implement, release, and maintain API products that meet user needs

Product type: Paperback
Published in: Jan 2024
Last Updated in: Jan 2024
Publisher: Packt
ISBN-13: 9781837630448
Length: 278 pages
Edition: 1st Edition
Author: Bruno Pedro

Authorization

With authentication, you make sure API consumers are correctly identified, and their access is controlled. Authorization happens right after, and its goal is to establish what authenticated users are allowed to do when accessing your API.

RBAC

One popular authorization model is role-based access control (RBAC). It works by first establishing a set of roles and then associating each role with its permitted actions. Examples of common roles include the “administrator” and the “regular user.” Each feature then has to verify what role the API consumer has and whether the requested action is listed as permitted for that role.

It’s important to highlight that, to be considered effective, RBAC has to be enforced at the interface level and then on each feature that the API server implements. Otherwise, you might end up letting users perform actions for which they don’t have the right permission. It’s possible to implement RBAC at the...
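The two enforcement points described above, sketched as an added example that is not code from the book: the role names follow the text, while the action names, routes, and the `handle` and `require` helpers are assumptions made for illustration.

```python
# Added example: role and action names below are constructed for illustration.
ROLE_PERMISSIONS = {
    "administrator": {"invoice:read", "invoice:delete"},
    "regular_user": {"invoice:read"},
}

class Forbidden(Exception):
    """Raised when a role is not permitted to perform an action."""

def is_permitted(role, action):
    # Deny by default: an unknown role has no permitted actions.
    return action in ROLE_PERMISSIONS.get(role, set())

def require(action):
    """Feature-level check, so a feature stays protected however it is reached."""
    def wrap(feature):
        def guarded(role, *args):
            if not is_permitted(role, action):
                raise Forbidden(f"role {role!r} may not perform {action}")
            return feature(role, *args)
        return guarded
    return wrap

@require("invoice:read")
def list_invoices(role):
    return ["inv-1", "inv-2"]  # constructed sample data

@require("invoice:delete")
def delete_invoice(role, invoice_id):
    return f"deleted {invoice_id}"

# Interface level: each route names the action it needs and the feature behind it.
ROUTES = {
    ("GET", "/invoices"): ("invoice:read", list_invoices),
    ("DELETE", "/invoices"): ("invoice:delete", delete_invoice),
}

def handle(method, path, role, *args):
    """Interface-level check: reject the request before any feature code runs."""
    route = ROUTES.get((method, path))
    if route is None:
        return 404, None
    action, feature = route
    if not is_permitted(role, action):
        return 403, None
    try:
        return 200, feature(role, *args)
    except Forbidden:
        return 403, None
```

Calling `delete_invoice("regular_user", "inv-1")` directly, as an internal job or a second entry point might, still raises `Forbidden`, which is the case the interface check alone would miss.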
