Every API needs some form of security for validating its access, request, and output options. In this chapter, we will discuss some of the authorization techniques for authenticating users by using JWT-based tokens and basic authentication. Moving on, we will use tools such as Passport and look at security best practices. This chapter will describe the importance of serving APIs with SSL, as well as how to validate data so that we don't expose sensitive information.
The following topics will be covered in this chapter:
- Authorization techniques
- Authenticating requests
- Securing API
- Validation