Watch a brief discussion with examples about security testing consideration in API testing.
- [Instructor] We all know how important security is…in the modern world of web development.…This, of course, no less true when we are dealing with APIs.…This course isn't about security testing…so we won't spend a lot of time on it,…but I do want to touch on it briefly…so that we don't forget that it's an important consideration…when it comes to designing and testing APIs.…Sometimes we can think that security…is all about the auth service…and making sure that people can't get your credentials…or can't get around the authorization APIs.…This is, of course, vitally important.…But it's just the tip of the iceberg…when it comes to security testing in an API.…
I do want to mention something here,…though, that's very important.…One of the most important rules…of authentication and authorization…is don't try to implement your own version of it.…Unless you're a big company like Google,…that has the resources to take the time to do it right,…you'll likely make mistakes,…and this is an area you don't want to make mistakes.…
- Reviewing API terminology
- Mitigating risks related to testing APIs
- Mapping out the layout of an API
- API authorization and authentication
- Finding and using bearer tokens
- Testing GET, POST, PUT, and DELETE calls
- Using mocks, stubs, and fakes in API testing
- Testing microservices and the Internet of Things
Skill Level Intermediate
1. Understanding Web Services and APIs
2. Getting Started with API Testing
3. API Authorization
Using OAuth tokens3m 28s
4. Hands-on API Testing
5. Additional API Testing Considerations
Next steps3m 1s
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.