{"id":37915,"date":"2019-03-11T11:21:11","date_gmt":"2019-03-11T09:21:11","guid":{"rendered":"https:\/\/mamchenkov.net\/wordpress\/?p=37915"},"modified":"2019-03-11T11:21:20","modified_gmt":"2019-03-11T09:21:20","slug":"gitguardian-api-security-best-practices","status":"publish","type":"post","link":"https:\/\/mamchenkov.net\/wordpress\/2019\/03\/11\/gitguardian-api-security-best-practices\/","title":{"rendered":"GitGuardian API Security Best Practices"},"content":{"rendered":"<!-- google_ad_section_start -->\n\n<p class=\"wp-block-paragraph\">The team behind <a href=\"https:\/\/www.gitguardian.com\/\">GitGuardian<\/a>, a tool that helps developers to keep credentials and other secrets outside of the source code, shares their documentation for the <a href=\"https:\/\/github.com\/GitGuardian\/APISecurityBestPractices\">API security best practices<\/a>.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">The cool bit about their documentation is that it covers both how to avoid the issues and how to solve them if they happened.<\/p>\n<!-- google_ad_section_end -->\n","protected":false},"excerpt":{"rendered":"<!-- google_ad_section_start -->\n<p>The team behind GitGuardian, a tool that helps developers to keep credentials and other secrets outside of the source code, shares their documentation for the API security best practices. The cool bit about their documentation is that it covers both how to avoid the issues and how to solve them if they happened.<\/p>\n<!-- google_ad_section_end -->\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"GitGuardian API Security Best Practices #WebDev #security #API #git #VersionControl #BestPractices","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2},"_links_to":"","_links_to_target":""},"categories":[1,18,62,1334],"tags":[2404,3069,2265,200,1588,1330],"keyring_services":[],"class_list":["post-37915","post","type-post","status-publish","format-standard","hentry","category-general","category-programming","category-technology","category-web-work","tag-api","tag-best-practices","tag-git","tag-security","tag-version-control","tag-web-development"],"aioseo_notices":[],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack-related-posts":[{"id":26070,"url":"https:\/\/mamchenkov.net\/wordpress\/2016\/04\/26\/best-practices-for-designing-a-pragmatic-restful-api\/","url_meta":{"origin":37915,"position":0},"title":"Best Practices for Designing a Pragmatic RESTful API","author":"Leonid Mamchenkov","date":"April 26, 2016","format":false,"excerpt":"An API is a user interface for developers. Put the effort in to ensure it's not just functional but pleasant to use. Vinay Sahni has a rather lengthy, detailed, and well-rounded post on how to design a good RESTful API. \u00a0It covers pretty much everything from URL structures and parameters,\u2026","rel":"","context":"In &quot;All&quot;","block_context":{"text":"All","link":"https:\/\/mamchenkov.net\/wordpress\/category\/general\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":28861,"url":"https:\/\/mamchenkov.net\/wordpress\/2018\/10\/15\/documenting-lists-with-swagger\/","url_meta":{"origin":37915,"position":1},"title":"Documenting lists with Swagger","author":"Leonid Mamchenkov","date":"October 15, 2018","format":false,"excerpt":"Swagger is a great tool for documenting APIs.\u00a0 Not only it helps with keeping the documentation complete and up-to-date, but it also provides a handy sandbox for developers to play around with the API directly from the documentation. We use Swagger a lot at work.\u00a0 We've even pushed the bar\u2026","rel":"","context":"In &quot;All&quot;","block_context":{"text":"All","link":"https:\/\/mamchenkov.net\/wordpress\/category\/general\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/mamchenkov.net\/wordpress\/wp-content\/uploads\/2018\/10\/swagger-500x345.png?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]},{"id":23194,"url":"https:\/\/mamchenkov.net\/wordpress\/2014\/12\/22\/http-api-design-guide\/","url_meta":{"origin":37915,"position":2},"title":"HTTP API Design Guide","author":"Leonid Mamchenkov","date":"December 22, 2014","format":"link","excerpt":"HTTP API Design Guide This guide describes a set of HTTP+JSON API design practices, originally extracted from work on the Heroku Platform API. This guide informs additions to that API and also guides new internal APIs at Heroku. We hope it\u2019s also of interest to API designers outside of Heroku.\u2026","rel":"","context":"In &quot;All&quot;","block_context":{"text":"All","link":"https:\/\/mamchenkov.net\/wordpress\/category\/general\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":16556,"url":"https:\/\/mamchenkov.net\/wordpress\/2012\/07\/23\/semantic-versioning\/","url_meta":{"origin":37915,"position":3},"title":"Semantic Versioning","author":"Leonid Mamchenkov","date":"July 23, 2012","format":false,"excerpt":"A lot of my work these days is all around web projects, where versions aren't particularly used. \u00a0Code is written, tested, and deployed multiple times a day, rather than once in a while. \u00a0But if you are doing scheduled releases with major and minor changes, backward compatibility and so forth,\u2026","rel":"","context":"In &quot;All&quot;","block_context":{"text":"All","link":"https:\/\/mamchenkov.net\/wordpress\/category\/general\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":26132,"url":"https:\/\/mamchenkov.net\/wordpress\/2016\/05\/26\/openapi-specification\/","url_meta":{"origin":37915,"position":4},"title":"OpenAPI Specification","author":"Leonid Mamchenkov","date":"May 26, 2016","format":false,"excerpt":"OpenAPI Specification v2.0 - formerly known as\u00a0Swagger RESTful API Documentation Specification. Swagger\u2122 is a project used to describe and document RESTful APIs. The Swagger specification defines a set of files required to describe such an API. These files can then be used by the Swagger-UI project to display the API\u2026","rel":"","context":"In &quot;All&quot;","block_context":{"text":"All","link":"https:\/\/mamchenkov.net\/wordpress\/category\/general\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":16782,"url":"https:\/\/mamchenkov.net\/wordpress\/2012\/10\/02\/adwiki\/","url_meta":{"origin":37915,"position":5},"title":"ADWiki","author":"Leonid Mamchenkov","date":"October 2, 2012","format":"link","excerpt":"ADWiki Online documentation system for JavaScript projects that adhere to JSDoc API documentation format. \u00a0Includes: Tools for parsing JSDoc blocks in the JavaScript files Clean documentation website based on Twitter Bootstrap Simple blog engine integrated with the site, where developers can commend and extend project documentation. Requires Node.js and MySQL.","rel":"","context":"In &quot;All&quot;","block_context":{"text":"All","link":"https:\/\/mamchenkov.net\/wordpress\/category\/general\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"jetpack_sharing_enabled":true,"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/posts\/37915","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/comments?post=37915"}],"version-history":[{"count":0,"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/posts\/37915\/revisions"}],"wp:attachment":[{"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/media?parent=37915"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/categories?post=37915"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/tags?post=37915"},{"taxonomy":"keyring_services","embeddable":true,"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/keyring_services?post=37915"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}