Security is an important part of any enterprise application. In the era of cloud and the Internet of Things, controlling access to the application via the public web API is an essential requirement for any enterprise. The security implementation in a RESTful web service application decides who can access the RESTful web APIs and what they can do once they are logged in. This chapter describes how you can secure the REST APIs from unauthorized and malicious access.

In this chapter, we take the point of view of the architect and not of the creator of the infrastructures supporting our applications. Nevertheless, by the end of the chapter, you will have a good understanding of how to secure your web services ...