API Security Checklist

Hemant Patkar
4 min read · Apr 6, 2024

OWASP Top 10 for API Security


Object Level Authorization: OWASP — A1

  1. Verify that you implement authorization checks in accordance with user policies and hierarchy.
  2. Verify that the API implementation does not rely on IDs sent from the client; instead, the API should check IDs stored in the session.
  3. Verify that server…
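
Items 1 and 2 above, sketched as an added example that is not code from the original article: a lookup that trusts a user ID sent in the request, beside one that takes identity only from the server-side session and applies an owner-or-manager policy to each object. The invoice store, the `Session` class, the `REPORTS_TO` hierarchy and all function names are assumptions made for illustration.

```python
from dataclasses import dataclass

# Constructed sample data: invoice id -> record with its owning user.
INVOICES = {
    101: {"owner": "alice", "total": 40},
    102: {"owner": "bob", "total": 75},
}
# Constructed hierarchy: manager -> users whose records the manager may read.
REPORTS_TO = {"carol": {"alice"}}


@dataclass(frozen=True)
class Session:
    """Server-side session; user_id is set at login, never by the request."""
    user_id: str


class Forbidden(Exception):
    """Raised for both missing and unauthorized objects."""


def get_invoice_weak(session, invoice_id, client_user_id):
    """Weak form: authorizes against an ID supplied in the request."""
    invoice = INVOICES.get(invoice_id)
    if invoice is None or invoice["owner"] != client_user_id:
        raise Forbidden("not found")
    return invoice


def can_read(session, invoice):
    """Policy (item 1): the owner, or a manager of the owner, may read."""
    owner = invoice["owner"]
    managed = REPORTS_TO.get(session.user_id, set())
    return session.user_id == owner or owner in managed


def get_invoice(session, invoice_id):
    """Hardened form (item 2): identity comes only from the session."""
    invoice = INVOICES.get(invoice_id)
    # One error for "missing" and "not yours", so responses do not
    # reveal which object IDs exist.
    if invoice is None or not can_read(session, invoice):
        raise Forbidden("not found")
    return invoice
```
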


Hemant Patkar

CISSP, MSc (Data Analytics) QMUL UK, IIM Indore (Exec CyberSec), BE (IS), Diploma in Cyber Law. For more details visit https://www.linkedin.com/in/hemantpatkar/