Protecting APIs

Even though websites are still technically created with HTML, CSS, and JavaScript, the modern web consists primarily of APIs. And so it's not surprising that already back in 2018, API calls accounted for a good 80% of all web traffic, with many predicting a share of more than 90% for 2023.

It's about time to focus on the security of these public interfaces driving our frontends. How do we protect our API from attacks and what common mistakes should be avoided?