api-security-best-practices

Featured

Implement secure API design patterns including authentication, authorization, input validation, rate limiting, and protection against common API vulnerabilities

Category: AI & Automation · 39,227 stars · 6,374 forks · Updated today · MIT license


Quality Score: 99/100

| Criterion | Weight | Score |
|---|---|---|
| Stars | 20% | 100 |
| Recency | 20% | 100 |
| Frontmatter | 20% | 70 |
| Documentation | 15% | 100 |
| Issue Health | 10% | 50 |
| License | 10% | 100 |
| Description | 5% | 100 |

Skill Content

# API Security Best Practices

## Overview

Guide developers in building secure APIs by implementing authentication, authorization, input validation, rate limiting, and protection against common vulnerabilities. This skill covers security patterns for REST, GraphQL, and WebSocket APIs.

## When to Use This Skill

- Use when designing new API endpoints
- Use when securing existing APIs
- Use when implementing authentication and authorization
- Use when protecting against API attacks (injection, DDoS, etc.)
- Use when conducting API security reviews
- Use when preparing for security audits
- Use when implementing rate limiting and throttling
- Use when handling sensitive data in APIs

## How It Works

### Step 1: Authentication & Authorization

I'll help you implement secure authentication:

- Choose an authentication method (JWT, OAuth 2.0, API keys)
- Implement token-based authentication
- Set up role-based access control (RBAC)
- Implement secure session management
- Implement multi-factor authentication (MFA)

### Step 2: Input Validation & Sanitization

Protect against injection attacks:

- Validate all input data server-side
- Sanitize or encode user input before it reaches an interpreter (HTML, shell, SQL)
- Use parameterized queries
- Implement request schema validation
- Prevent SQL injection, XSS, and command injection

### Step 3: Rate Limiting & Throttling

Prevent abuse and DDoS attacks:

- Implement rate limiting per user/IP
- Set up API throttling
- Configure request quotas
- Handle rate limit errors gracefully (return 429 with a Retry-After header)
- Monitor for suspicious activity

### ...
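The three steps above, worked through end to end as an added example in Python (the repository's language). This is not code from the skill or from sickn33's repository; it assumes a stdlib-only HS256 bearer token, an in-memory SQLite `users` table and a token-bucket limiter, all constructed here, and a hypothetical `handle_lookup` endpoint that chains the checks in the order a real handler should: authenticate, authorize, rate-limit, validate, then query.

```python
import base64
import hashlib
import hmac
import json
import sqlite3
import time

# Demo signing key, constructed for this example; load it from a secret store in production.
JWT_SECRET = b"example-hs256-key-rotate-me"

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

# Step 1: token-based authentication (HS256 JWT built from the stdlib) plus a role check.
def issue_token(sub: str, roles: list, ttl: int = 300, now=None) -> str:
    now = int(time.time()) if now is None else now
    header = b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    claims = b64url(json.dumps({"sub": sub, "roles": roles, "iat": now, "exp": now + ttl}).encode())
    sig = hmac.new(JWT_SECRET, f"{header}.{claims}".encode(), hashlib.sha256).digest()
    return f"{header}.{claims}.{b64url(sig)}"

def verify_token(token: str, now=None) -> dict:
    # Pin the algorithm (never honour a client-supplied "none"), compare the MAC in constant time, enforce exp.
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("malformed token")
    header64, claims64, sig64 = parts
    header = json.loads(b64url_decode(header64))
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        raise ValueError("unexpected alg")
    expected = hmac.new(JWT_SECRET, f"{header64}.{claims64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, b64url_decode(sig64)):
        raise ValueError("bad signature")
    claims = json.loads(b64url_decode(claims64))
    now = int(time.time()) if now is None else now
    if not isinstance(claims, dict) or not isinstance(claims.get("exp"), int) or claims["exp"] <= now:
        raise ValueError("token expired")
    return claims

# Step 2: schema validation (exact type, length bounds, no unknown fields) and a bound SQL parameter.
USER_LOOKUP_SCHEMA = {"username": (str, 1, 32)}  # field -> (type, min length, max length)

def validate_body(body: dict, schema: dict) -> dict:
    unknown = set(body) - set(schema)
    if unknown:
        raise ValueError(f"unknown fields: {sorted(unknown)}")
    for field, (typ, lo, hi) in schema.items():
        value = body.get(field)
        if type(value) is not typ or not lo <= len(value) <= hi:
            raise ValueError(f"invalid field: {field}")
    return body

def find_user(conn: sqlite3.Connection, username: str) -> list:
    # The value is bound by the driver, never interpolated into the SQL text.
    return conn.execute("SELECT id, username FROM users WHERE username = ?", (username,)).fetchall()

# Step 3: token-bucket rate limiter keyed per caller (token subject here; client IP for anonymous routes).
class TokenBucket:
    def __init__(self, capacity: int, refill_per_sec: float):
        self.capacity, self.refill, self.state = capacity, refill_per_sec, {}

    def allow(self, key: str, now: float) -> bool:
        tokens, last = self.state.get(key, (self.capacity, now))
        tokens = min(self.capacity, tokens + (now - last) * self.refill)
        self.state[key] = (tokens - 1 if tokens >= 1 else tokens, now)
        return tokens >= 1

def handle_lookup(conn, limiter, auth_header: str, body: dict, now: int) -> tuple:
    # Hypothetical endpoint: authenticate (so the limiter can key on the subject),
    # authorize, rate-limit, validate, and only then touch the database.
    if not auth_header.startswith("Bearer "):
        return 401, {"error": "missing bearer token"}
    try:
        claims = verify_token(auth_header[len("Bearer "):], now=now)
    except ValueError as exc:
        return 401, {"error": str(exc)}
    if "reader" not in claims.get("roles", []):
        return 403, {"error": "role 'reader' required"}
    if not limiter.allow(claims["sub"], now):
        return 429, {"error": "rate limit exceeded"}
    try:
        validate_body(body, USER_LOOKUP_SCHEMA)
    except ValueError as exc:
        return 400, {"error": str(exc)}
    return 200, {"users": find_user(conn, body["username"])}

def demo_db() -> sqlite3.Connection:
    # Constructed in-memory users table for the example.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT)")
    conn.executemany("INSERT INTO users (username) VALUES (?)", [("alice",), ("bob",)])
    return conn

if __name__ == "__main__":
    conn, limiter, now = demo_db(), TokenBucket(capacity=2, refill_per_sec=0.1), 1_700_000_000
    token = issue_token("alice", ["reader"], now=now)
    for body in ({"username": "bob"}, {"username": "' OR 1=1 --"}, {"username": "bob"}):
        print(handle_lookup(conn, limiter, f"Bearer {token}", body, now))  # 200, 200 (no rows), 429
```

Three details carry the security weight. The verifier pins `alg` to HS256 and uses `hmac.compare_digest`, so a client cannot downgrade to `none` or probe the MAC byte by byte; the SQL passes `username` as a bound parameter, so the `' OR 1=1 --` body passes the length check and simply matches no row; and the limiter is keyed on the authenticated subject, which is why authentication runs first (put a second, IP-keyed bucket in front of it for unauthenticated routes). In production use a maintained JWT library with `iss`/`aud` checks and key rotation rather than the hand-rolled token here.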

Details

Author: sickn33
Repository: sickn33/antigravity-awesome-skills
Created: 4 months ago
Last Updated: today
Language: Python
License: MIT
