Section 5 · 6 topics
Security
The attack surface you're ignoring
01
Authentication vs Identification
API keys are NOT authentication
Beginner · 6 min read
02
OAuth2 & OpenID Connect
The flows, the tokens, and the mistakes everyone makes
Intermediate · 7 min read
03
Authorization Models
RBAC, ABAC, scopes — picking the right one
Intermediate · 5 min read
04
OWASP API Security Top 10
The vulnerabilities you're probably shipping right now
Intermediate · 6 min read
05
CORS
Every frontend dev has fought it, few understand it
Beginner · 5 min read
06
Secrets Management
API keys in URLs end up in logs — always
Intermediate · 4 min read