API Security

see also single sign on (sso) docid 3a te7wv mx9p08ox5hkh other readings about mtls https //en wikipedia org/wiki/mutual authentication , what are restful api's https //aws amazon com/what is/restful api/ , json web token (jwt) https //jwt io/introduction/ api transport level security mtls mutual tls, or mtls for short, is a method for mutual authentication mtls ensures that the parties at each end of a network connection are who they claim to be by verifying that they both have the correct private key the information within their respective tls certificates provides additional verification mtls restricts api access to specific pcs/machines/devices that have the mtls certificate installed mtls will prevent bad actors from accessing your sandbox or production environment or from using your client/secret api keys without permission mtls provides an extra layer of security to ensure bad actors from remote machines can't access your data even if they have access to your api keys api access keys client id and client secret your account is identified by your client id and secured by a client secret these keys authorize you to perform rest api requests these credentials are required to be sent with each api request accessing data via api you need both the mtls certificates and api keys to before you can access our apis read our postman tutorial docid\ lgtlviilhglckn 0qa8mg , c# tutorial docid 3 nzuyhj6lz8oinqvbedy , or python tutorial docid\ zpnzzc23zo2rjpamduwzx for code examples