APIs control data sharing in every service, server, data store, and web client. Modern data-centric designs-- including microservices and cloud-native applications-- demand a comprehensive, multi-layered approach to security for both private and public-facing APIs. "API security in action" teaches you how to create secure APIs for any situation. By following this hands-on guide you’ll build a social network API while mastering techniques for flexible multi-user security, cloud key management, and lightweight cryptography. When you’re done, you’ll be able to create APIs that stand up to complex threat models and hostile environments.