Fundamentals of API Security with Python

Dive into the fundamentals of API security for Python applications in this comprehensive 2.5-hour tutorial. Explore best practices and patterns for API authentication, authorization, and security by design. Examine the OWASP top 10 API vulnerabilities through practical examples from real-world APIs, analyzing attack vectors and learning how to address them. Gain insights into Open Authorization (OAuth) and OpenID Connect (OIDC) protocols, understanding their risks, advantages, and known vulnerabilities. Learn about JSON Web Tokens (JWTs) and their correct implementation for access authorization. Discover how to automate the detection and addressing of security vulnerabilities in APIs using fuzzy testers like schemathesis and design-testing tools like spectral. Work with OpenAPI specifications and code examples in Flask and FastAPI throughout the tutorial. Ideal for developers with some experience working with APIs, this session equips you with the knowledge to build and deliver secure APIs in Python.