You're almost there! Please answer a few more questions for access to the Applications content. Complete registration
Interested in joining? Complete your registration by providing Areas of Interest here. Register

Securing REST APIs with Connect PHP

Accepted answer
8
Views
1
Comments
edited Oct 26, 2017 4:50AM in Integrations and APIs 1 comment

Content

Hello dears,

We are currently creating REST APIs  with the Connect PHP model. We rely on these heavily to read/create objects and query important information.

However, since these pages are published, anyone with the url is able to access the information they return.

My question is: is there a way to secure these pages? Is there a best practices document/thread/guideline recommended by Oracle when it comes to securing custom REST APIs?

Currently the security method we are adopting is posting username/password credentials from a back-end server to our API page and performing a validation check before querying the info.

Howdy, Stranger!

Log In

To view full details, sign in.

Register

Don't have an account? Click here to get started!