APIs can be home-grown, or come with integrated systems. In either case presenting a single security model towards the End-user, (partners, internal or customers) is crucial in order to manage cost and maintain agility.
Using a Security Gateway
Firewalling your RESTful or SOAP API, means protecting it on event the semantic level. An API Gateway is a combined Firewall and API Integration server, that with a powerful design enables the user to create virual API's outbound, protected by OAuth 2 or other security protocols.
Featured video - OAuth and OpenID Connect for Microservices
Jacob Ideskog - VP Twobo Technologies
Jacob illustrates how OAuth and OpenID Connect can be used to securely develop and deploy Microservice APIs.Watch video
Securing APIs is step 0. Soon enough it becomes crucial to avoid sunken costs in old SOAP investments, or to bring together various homegrown APIs into a single uniform outbound API. Transforming old SOAP into new REST APIs without a single line of code, or bringing together all APIs under a single outward facing roof is what API integration is about.
The three pillars of Neo-Security.