{"id":47994,"date":"2022-04-22T09:09:40","date_gmt":"2022-04-22T01:09:40","guid":{"rendered":"https:\/\/version-2.com\/?p=47994"},"modified":"2022-05-30T10:42:13","modified_gmt":"2022-05-30T02:42:13","slug":"the-challenges-to-api-security","status":"publish","type":"post","link":"https:\/\/version-2.com\/zh\/2022\/04\/the-challenges-to-api-security\/","title":{"rendered":"The Challenges to API Security"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"47994\" class=\"elementor elementor-47994\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-a9966c4 post-content elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"a9966c4\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;_id&quot;:&quot;437ef7f&quot;,&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-2884b38\" data-id=\"2884b38\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-980bf1e elementor-widget elementor-widget-text-editor\" data-id=\"980bf1e\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\n<p align=\"center\"><img decoding=\"async\" src=\"https:\/\/senhasegura.com\/wp-content\/uploads\/2022\/04\/The-Challenges-to-API-Security.jpg\" alt=\"\" width=\"958\" height=\"auto\"><\/p>\n\n<p><span style=\"font-weight: 400;\">Some services depend on the integration between software, applications, or systems to be run by the end-user and this communication is possible due to the existence of APIs in people\u2019s daily lives.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">However, with the constant evolution of technology, these tools have been vectors for attacks by malicious agents, as explained below. Here, we also show you how important it is to invest in <\/span><b>API security <\/b><span style=\"font-weight: 400;\">and what are the main challenges to achieving this goal.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">To facilitate your reading and make our content more understandable, we divided this article into topics addressing the following subjects:<\/span><\/p>\n<ul>\n<li><b>What is an API?<\/b><\/li>\n<li><b>API Today<\/b><\/li>\n<li><b>What Is API Security and How Important Is It?<\/b><\/li>\n<li><b>Types of Frequent API Attacks<\/b><\/li>\n<li><b>Six Best Practices for API Security<\/b><\/li>\n<li><b>About senhasegura<\/b><\/li>\n<li><b>Conclusion<\/b><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">Enjoy your reading!<\/span><\/p>\n<ul>\n<li>\n<h2><b>What is an API?<\/b><\/h2>\n<\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">The expression <\/span><i><span style=\"font-weight: 400;\">Application Programming Interface<\/span><\/i><span style=\"font-weight: 400;\"> (API) consists of a set of programming standards that allow access to an application or platform.&nbsp;<\/span><\/p>\n<p><span style=\"font-weight: 400;\">This mechanism is created when a software organization intends to develop other programs related to the service they offer.&nbsp;<\/span><\/p>\n<p><span style=\"font-weight: 400;\">In this way, they provide codes to be used on other websites by their end-user. This is what happens with Google Maps, when it is adapted for use by other websites, such as hotel pages.&nbsp;<\/span><\/p>\n<p><span style=\"font-weight: 400;\">This is possible with the intermediation of an API used by the developers of the hotel\u2019s website with the Google Maps code.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">This means that APIs enable communication between different applications through multiple codes, without any effort from the users.&nbsp;<\/span><\/p>\n<p><span style=\"font-weight: 400;\">An API is useful for connecting several features of a website that can be used in other services, which is possible via programming.&nbsp;<\/span><\/p>\n<ul>\n<li>\n<h2><b>API Today<\/b><\/h2>\n<\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">An API is typically described as an interface that connects applications. However, this generic concept no longer fully explains the features of this tool, which recently gained new ones.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">APIs today adhere to models accessible and easily understood by developers. They are considered products, used by specific consumers, and present versions, which guarantees their lifecycle.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">They are extremely standardized software, focused on governance and <\/span><a href=\"https:\/\/senhasegura.com\/main-cybersecurity-challenges-for-brazilian-companies\/\"><span style=\"font-weight: 400;\">security<\/span><\/a><span style=\"font-weight: 400;\">, and<\/span> <span style=\"font-weight: 400;\">one can also monitor the APIs and manage their performance.&nbsp;<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Their lifecycle includes the design, testing, construction, management, and version control phases. Modern APIs are still documented for consumption.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">These APIs spread through plug-ins. In practice, the developers of a given application create an API and make it available to other developers, who create other plug-ins, enhancing the operation of this program.&nbsp;<\/span><\/p>\n<ul>\n<li>\n<h2><b>What Is API Security and How Important Is It?<\/b><\/h2>\n<\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">With the evolution of technology, cybercriminals are going beyond their conventional targets and expanding their operations to IoT, external applications, and mobile applications.&nbsp;<\/span><\/p>\n<p><span style=\"font-weight: 400;\">As a result, the large number of existing APIs has become a challenge for information security professionals.&nbsp;<\/span><\/p>\n<p><span style=\"font-weight: 400;\">To complete, developers often do not have all the skills to develop a flawless API that complies with web and cloud security standards, which creates vulnerabilities to programs. Thus, many risks arise, such as:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Authorization Failures;<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Data Exposure;<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Denial of Service;<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Failures in Security Settings;<\/span><\/li>\n<li style=\"font-weight: 400;\"><i><span style=\"font-weight: 400;\">Endpoints<\/span><\/i><span style=\"font-weight: 400;\">.<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">Vulnerable APIs open space for hackers, who can access sensitive information, medical and financial data of organizations, generating incalculable losses.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">When we talk about API security, we typically refer to the protection of an application\u2019s <\/span><i><span style=\"font-weight: 400;\">back-end<\/span><\/i><span style=\"font-weight: 400;\"> services, including its database, user management system, or other components that interact with data storage.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Thus, it is essential to ensure the <\/span><b>security of APIs<\/b><span style=\"font-weight: 400;\">, which covers the use of resources and the adoption of protection procedures. The <\/span><b>security of a company\u2019s APIs<\/b><span style=\"font-weight: 400;\"> involves the services that use them and should prevent malicious agents from accessing sensitive data and performing unauthorized actions.&nbsp;<\/span><\/p>\n<p><span style=\"font-weight: 400;\">It is important to mention that applications from other companies impact <\/span><b>API security<\/b><span style=\"font-weight: 400;\">. Therefore, the risks must be evaluated by the IT team so that an efficient protection plan is created.&nbsp;<\/span><\/p>\n<h2><b>Types of Frequent API Attacks<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">Here are the most common API attacks:<\/span><\/p>\n<ul>\n<li>\n<h3><b>Injection Attack<\/b><\/h3>\n<\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">When an API developer does not limit entries to certain applications, malicious agents can perform an API injection attack by sending a <\/span><i><span style=\"font-weight: 400;\">script <\/span><\/i><span style=\"font-weight: 400;\">to the server with a request that allows them to access the program.&nbsp;<\/span><\/p>\n<ul>\n<li>\n<h3><b>Stolen Authentication Attack<\/b><\/h3>\n<\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">APIs configured with wrong authentication standards generate vulnerabilities for organizations, which need to prevent hackers from accessing the controls of this API and stealing data from their customers. Inadequate authentication processes can also result in brute force attacks.&nbsp;<\/span><\/p>\n<ul>\n<li>\n<h3><b>Man-in-the-middle Attack (MITM)<\/b><\/h3>\n<\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">Transmission of unsigned or unencrypted messages, problems with secure session configuration, or even the use of SSL\/TLS encryption with incorrect configuration can compromise API security and make an organization vulnerable to Man-in-the-middle attacks, compromising all messages with the customer.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Thus, malicious agents gain access to sensitive data, such as personally identifiable information.&nbsp;<\/span><\/p>\n<ul>\n<li>\n<h3><b>DDoS Attack<\/b><\/h3>\n<\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">API <\/span><i><span style=\"font-weight: 400;\">endpoints<\/span><\/i><span style=\"font-weight: 400;\"> have become the target of DDoS attacks. Malicious agents point a bot to the API and make multiple requests on an <\/span><i><span style=\"font-weight: 400;\">endpoint<\/span><\/i><span style=\"font-weight: 400;\"> until it exceeds the tolerance of those requests and affects its responsiveness, making the service unavailable to users.&nbsp;<\/span><\/p>\n<p><span style=\"font-weight: 400;\">To protect an API from DDoS attacks, we recommend edge protection and the Web Application Firewall with WAAP.&nbsp;<\/span><\/p>\n\n<h2><b>Six Best Practices for API Security<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">Some practices are recommended to ensure API security. Below you will find what should be done for this purpose.<\/span><\/p>\n<ul>\n<li>\n<h3><b>Analyze API Vulnerabilities<\/b><\/h3>\n<\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">To ensure <\/span><b>API security<\/b><span style=\"font-weight: 400;\">, automatic verification must be enabled in order to detect vulnerabilities and eliminate them at different stages of the software lifecycle.&nbsp;<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Automated verification features allow you to identify security flaws by comparing the application configuration to a known vulnerability database.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">In practice, <\/span><i><span style=\"font-weight: 400;\">Crashtest Security Suite<\/span><\/i><span style=\"font-weight: 400;\"> allows you to scan vulnerabilities, helping to establish a continuous testing process and prevent intrusions generated by a lack of <\/span><b>API security<\/b><span style=\"font-weight: 400;\">.&nbsp;<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The suite also performs <\/span><i><span style=\"font-weight: 400;\">benchmarks<\/span><\/i><span style=\"font-weight: 400;\"> referring to OWASP\u2019s top 10 and provides a security analysis for APIs, applications, and <\/span><i><span style=\"font-weight: 400;\">JavaScripts<\/span><\/i><span style=\"font-weight: 400;\">.&nbsp;<\/span><\/p>\n<ul>\n<li>\n<h3><b>Restrict HTTP Methods<\/b><\/h3>\n<\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">REST APIs enable programs capable of performing multiple HTTP operations. HTTP information is not encrypted, so these methods can facilitate attacks.&nbsp;<\/span><\/p>\n<p><span style=\"font-weight: 400;\">For added security, it is important to prohibit unsafe HTTP methods, but if this is not possible, we recommend restricting your whitelist by rejecting all requests that are not on the list.&nbsp;<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Another important measure is the use of RESTful API authentication practices, which ensure the user can use the HTTP method.<\/span><\/p>\n<ul>\n<li>\n<h3><b>Avoid Untrusted Entries by Implementing Input Validation Mechanisms<\/b><\/h3>\n<\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">When the API client makes data available, do not fully trust it, since the authentication server can run an unauthorized application service or a malicious script.&nbsp;<\/span><\/p>\n<p><span style=\"font-weight: 400;\">In this sense, it is recommended information security professionals implement mechanisms to validate the entry into the server and the client in order to avoid untrusted entries.&nbsp;<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Concerning the client, this validation has the job of indicating errors and warning about entries that must be accepted. On the server-side, it works to verify incoming data and prevent threats such as <\/span><i><span style=\"font-weight: 400;\">SQL Injection<\/span><\/i><span style=\"font-weight: 400;\"> and <\/span><i><span style=\"font-weight: 400;\">XSS<\/span><\/i><span style=\"font-weight: 400;\"> attacks.&nbsp;<\/span><\/p>\n<ul>\n<li>\n<h3><b>Set a Maximum Request Limit&nbsp;<\/b><\/h3>\n<\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">Limiting requests is an <\/span><b>API security<\/b><span style=\"font-weight: 400;\"> measure that requires setting up a temporary status for the API to analyze requests. It is usually used to prevent abuse, spam, or denial of service attacks. It also contributes to managing REST API security and preventing brute force and DDoS attacks.&nbsp;<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Some APIs may have flexible limits, enabling users to exceed request limits for a short time. Therefore, setting the time limit is a best practice to ensure <\/span><b>API security<\/b><span style=\"font-weight: 400;\">.&nbsp;<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Also, request queue libraries make it possible to create APIs that accept a predefined number of requests, placing the others in a queue.&nbsp;<\/span><\/p>\n<ul>\n<li>\n<h3><b>HTTPS\/TLS Must Be Used For REST APIs<\/b><\/h3>\n<\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">HTTPS and <\/span><i><span style=\"font-weight: 400;\">Transport Layer Security<\/span><\/i><span style=\"font-weight: 400;\"> (TLS) provide security for the transfer of encrypted information between web servers and browsers. In addition, HTTPS contributes to the protection of authentication credentials being transferred.&nbsp;<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Every API should implement HTTPS to ensure confidentiality, authenticity, and integrity. What\u2019s more, security professionals are advised to use mutually authenticated client-side certificates to provide more security for sensitive information and operations.&nbsp;<\/span><\/p>\n<p><span style=\"font-weight: 400;\">When creating a REST API, it is necessary to avoid redirecting HTTP to HTTPS, endangering user security. It is also important to take action to divert Cross-Source Resource Sharing (CORS) and JSONP requests for cross-domain calls.<\/span><\/p>\n<ul>\n<li>\n<h3><b>Use An API Management Platform<\/b><\/h3>\n<\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">An API gateway is intended to separate the client interface from the back-end API collection and to ensure the availability and scalability of API services.&nbsp;<\/span><\/p>\n<p><span style=\"font-weight: 400;\">In addition to managing the most diverse API services, the API management platform makes it possible to manage standard functions, such as rate limitation, telemetry, and user authentication.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The API gateway is characterized by accepting API calls, coordinating resources needed to service it, performing authentication, and ensuring appropriate results.&nbsp;<\/span><\/p>\n<ul>\n<li>\n<h3><b>About senhasegura<\/b><\/h3>\n<\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">For us, from <\/span><b>senhasegura<\/b><span style=\"font-weight: 400;\">, the protection, access, and confidentiality of privileged information is a right of all individuals and legal entities. Therefore, we strive to operate as the best-privileged access management solution in the market.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Our commitment is to assist organizations to build sovereignty and security over access and privileged information.<\/span><\/p>\n<ul>\n<li><b>Conclusion<\/b><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">By reading this article, you saw that:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">APIs are a set of programming standards that allow integration between software, applications, and systems run by the end-user.<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">They contribute to the governance and security of organizations, can be monitored, and have their performances managed;<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Nevertheless, with the evolution of technology, these tools have become vectors of attacks by malicious agents;<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Thus, the large number of existing APIs has become a challenge for information security professionals;<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">It is essential to ensure <\/span><b>API security<\/b><span style=\"font-weight: 400;\"> with the use of tools and the adoption of procedures aimed at protecting this solution;<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Among the types of API attacks, the following stand out: Injection Attack, Stolen Authentication Attack, Man-in-the-middle Attack (MITM), and DDoS Attack;<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">To ensure the security of APIs, it is critical to analyze their vulnerabilities; restrict HTTP methods; avoid untrusted entries by implementing input validation mechanisms; set a maximum limit of requests; use HTTPS\/TLS for REST APIs and API gateway.<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">You also had the opportunity to learn a little about the work developed by <\/span><b>senhasegura<\/b><span style=\"font-weight: 400;\"> to promote its customers\u2019 protection.<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">Did you like our article on <\/span><b>API security<\/b><span style=\"font-weight: 400;\">? So, share it with someone else who is interested in this topic and keep following our posts.&nbsp;<\/span><\/p>\n<p><b>ALSO READ IN <a href=\"\/senhasegura#press-release\">SENHASEGURA\u2019S BLOG<\/a><\/b><\/p>\n<p><b><a href=\"\/2022\/03\/password-reuse-understand-the-risks-of-this-practice\/\">Password Reuse: Understand the Risks of this Practice<\/a><\/b><\/p>\n<p><b><a href=\"\/2022\/03\/everything-you-need-to-know-about-ssh-keys\/\">Everything You Need to Know About SSH Keys<\/a><\/b><\/p>\n<p><b><a href=\"\/2022\/03\/password-strength-how-to-create-strong-passwords-for-credentials\/Password\/\"> Strength: How to Create Strong Passwords for Credentials?<\/a><\/b><\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-a7b53ad elementor-widget elementor-widget-shortcode\" data-id=\"a7b53ad\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"shortcode.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-shortcode\">\t\t<div data-elementor-type=\"page\" data-elementor-id=\"18103\" class=\"elementor elementor-18103\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-748947f elementor-section-full_width elementor-section-height-default elementor-section-height-default\" data-id=\"748947f\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;_id&quot;:&quot;c4f773e&quot;,&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-7995c19\" data-id=\"7995c19\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-a437045 elementor-widget elementor-widget-image-box\" data-id=\"a437045\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image-box.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-image-box-wrapper\"><div class=\"elementor-image-box-content\"><h3 class=\"elementor-image-box-title\">About Version 2 Digital<\/h3><p class=\"elementor-image-box-description\">Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.\n<br><br>\nThrough an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.<\/p><\/div><\/div>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t\n\t\t<div data-elementor-type=\"page\" data-elementor-id=\"18134\" class=\"elementor elementor-18134\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-a909055 elementor-section-full_width elementor-section-height-default elementor-section-height-default\" data-id=\"a909055\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;_id&quot;:&quot;c4f773e&quot;,&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-4e3c0d4\" data-id=\"4e3c0d4\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-10af45e elementor-widget elementor-widget-text-editor\" data-id=\"10af45e\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><strong>About Segura\u00ae <\/strong><br \/>Segura\u00ae strive to ensure the sovereignty of companies over actions and privileged information. To this end, we work against data theft through traceability of administrator actions on networks, servers, databases and a multitude of devices. In addition, we pursue compliance with auditing requirements and the most demanding standards, including PCI DSS, Sarbanes-Oxley, ISO 27001 and HIPAA.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>Some services depend on the integration between softwar [&hellip;]<\/p>\n","protected":false},"author":143524195,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[419,488,61],"tags":[420,489],"class_list":["post-47994","post","type-post","status-publish","format-standard","hentry","category-segura","category-488","category-press-release","tag-segura","tag-489"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.5 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>The Challenges to API Security - Version 2<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/senhasegura.com\/the-challenges-to-api-security\/\" \/>\n<meta property=\"og:locale\" content=\"zh_HK\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"The Challenges to API Security - Version 2\" \/>\n<meta property=\"og:description\" content=\"Some services depend on the integration between softwar [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/senhasegura.com\/the-challenges-to-api-security\/\" \/>\n<meta property=\"og:site_name\" content=\"Version 2\" \/>\n<meta property=\"article:published_time\" content=\"2022-04-22T01:09:40+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2022-05-30T02:42:13+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/senhasegura.com\/wp-content\/uploads\/2022\/04\/The-Challenges-to-API-Security.jpg\" \/>\n<meta name=\"author\" content=\"version2hk\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"\u4f5c\u8005\" \/>\n\t<meta name=\"twitter:data1\" content=\"version2hk\" \/>\n\t<meta name=\"twitter:label2\" content=\"\u9810\u8a08\u95b1\u8b80\u6642\u9593\" \/>\n\t<meta name=\"twitter:data2\" content=\"10 \u5206\u9418\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/senhasegura.com\\\/the-challenges-to-api-security\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/2022\\\/04\\\/the-challenges-to-api-security\\\/\"},\"author\":{\"name\":\"version2hk\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/person\\\/d14d2d3cd77ffdb618b9f1330fe084db\"},\"headline\":\"The Challenges to API Security\",\"datePublished\":\"2022-04-22T01:09:40+00:00\",\"dateModified\":\"2022-05-30T02:42:13+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/2022\\\/04\\\/the-challenges-to-api-security\\\/\"},\"wordCount\":1749,\"publisher\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/senhasegura.com\\\/the-challenges-to-api-security\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/senhasegura.com\\\/wp-content\\\/uploads\\\/2022\\\/04\\\/The-Challenges-to-API-Security.jpg\",\"keywords\":[\"Segura\",\"2022\"],\"articleSection\":[\"Segura\",\"2022\",\"Press Release\"],\"inLanguage\":\"zh-HK\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/version-2.com\\\/2022\\\/04\\\/the-challenges-to-api-security\\\/\",\"url\":\"https:\\\/\\\/senhasegura.com\\\/the-challenges-to-api-security\\\/\",\"name\":\"The Challenges to API Security - Version 2\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/senhasegura.com\\\/the-challenges-to-api-security\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/senhasegura.com\\\/the-challenges-to-api-security\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/senhasegura.com\\\/wp-content\\\/uploads\\\/2022\\\/04\\\/The-Challenges-to-API-Security.jpg\",\"datePublished\":\"2022-04-22T01:09:40+00:00\",\"dateModified\":\"2022-05-30T02:42:13+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/senhasegura.com\\\/the-challenges-to-api-security\\\/#breadcrumb\"},\"inLanguage\":\"zh-HK\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/senhasegura.com\\\/the-challenges-to-api-security\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-HK\",\"@id\":\"https:\\\/\\\/senhasegura.com\\\/the-challenges-to-api-security\\\/#primaryimage\",\"url\":\"https:\\\/\\\/senhasegura.com\\\/wp-content\\\/uploads\\\/2022\\\/04\\\/The-Challenges-to-API-Security.jpg\",\"contentUrl\":\"https:\\\/\\\/senhasegura.com\\\/wp-content\\\/uploads\\\/2022\\\/04\\\/The-Challenges-to-API-Security.jpg\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/senhasegura.com\\\/the-challenges-to-api-security\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"\u9996\u9801\",\"item\":\"https:\\\/\\\/version-2.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"The Challenges to API Security\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#website\",\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/\",\"name\":\"Version 2\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/version-2.com\\\/zh\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"zh-HK\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\",\"name\":\"Version 2\",\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-HK\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/version-2.com\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/version-2.com\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1\",\"width\":1795,\"height\":335,\"caption\":\"Version 2\"},\"image\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/person\\\/d14d2d3cd77ffdb618b9f1330fe084db\",\"name\":\"version2hk\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-HK\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g\",\"caption\":\"version2hk\"},\"sameAs\":[\"http:\\\/\\\/version2xfortcom.wordpress.com\"],\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/author\\\/version2hk\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"The Challenges to API Security - Version 2","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/senhasegura.com\/the-challenges-to-api-security\/","og_locale":"zh_HK","og_type":"article","og_title":"The Challenges to API Security - Version 2","og_description":"Some services depend on the integration between softwar [&hellip;]","og_url":"https:\/\/senhasegura.com\/the-challenges-to-api-security\/","og_site_name":"Version 2","article_published_time":"2022-04-22T01:09:40+00:00","article_modified_time":"2022-05-30T02:42:13+00:00","og_image":[{"url":"https:\/\/senhasegura.com\/wp-content\/uploads\/2022\/04\/The-Challenges-to-API-Security.jpg","type":"","width":"","height":""}],"author":"version2hk","twitter_card":"summary_large_image","twitter_misc":{"\u4f5c\u8005":"version2hk","\u9810\u8a08\u95b1\u8b80\u6642\u9593":"10 \u5206\u9418"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/senhasegura.com\/the-challenges-to-api-security\/#article","isPartOf":{"@id":"https:\/\/version-2.com\/2022\/04\/the-challenges-to-api-security\/"},"author":{"name":"version2hk","@id":"https:\/\/version-2.com\/zh\/#\/schema\/person\/d14d2d3cd77ffdb618b9f1330fe084db"},"headline":"The Challenges to API Security","datePublished":"2022-04-22T01:09:40+00:00","dateModified":"2022-05-30T02:42:13+00:00","mainEntityOfPage":{"@id":"https:\/\/version-2.com\/2022\/04\/the-challenges-to-api-security\/"},"wordCount":1749,"publisher":{"@id":"https:\/\/version-2.com\/zh\/#organization"},"image":{"@id":"https:\/\/senhasegura.com\/the-challenges-to-api-security\/#primaryimage"},"thumbnailUrl":"https:\/\/senhasegura.com\/wp-content\/uploads\/2022\/04\/The-Challenges-to-API-Security.jpg","keywords":["Segura","2022"],"articleSection":["Segura","2022","Press Release"],"inLanguage":"zh-HK"},{"@type":"WebPage","@id":"https:\/\/version-2.com\/2022\/04\/the-challenges-to-api-security\/","url":"https:\/\/senhasegura.com\/the-challenges-to-api-security\/","name":"The Challenges to API Security - Version 2","isPartOf":{"@id":"https:\/\/version-2.com\/zh\/#website"},"primaryImageOfPage":{"@id":"https:\/\/senhasegura.com\/the-challenges-to-api-security\/#primaryimage"},"image":{"@id":"https:\/\/senhasegura.com\/the-challenges-to-api-security\/#primaryimage"},"thumbnailUrl":"https:\/\/senhasegura.com\/wp-content\/uploads\/2022\/04\/The-Challenges-to-API-Security.jpg","datePublished":"2022-04-22T01:09:40+00:00","dateModified":"2022-05-30T02:42:13+00:00","breadcrumb":{"@id":"https:\/\/senhasegura.com\/the-challenges-to-api-security\/#breadcrumb"},"inLanguage":"zh-HK","potentialAction":[{"@type":"ReadAction","target":["https:\/\/senhasegura.com\/the-challenges-to-api-security\/"]}]},{"@type":"ImageObject","inLanguage":"zh-HK","@id":"https:\/\/senhasegura.com\/the-challenges-to-api-security\/#primaryimage","url":"https:\/\/senhasegura.com\/wp-content\/uploads\/2022\/04\/The-Challenges-to-API-Security.jpg","contentUrl":"https:\/\/senhasegura.com\/wp-content\/uploads\/2022\/04\/The-Challenges-to-API-Security.jpg"},{"@type":"BreadcrumbList","@id":"https:\/\/senhasegura.com\/the-challenges-to-api-security\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"\u9996\u9801","item":"https:\/\/version-2.com\/"},{"@type":"ListItem","position":2,"name":"The Challenges to API Security"}]},{"@type":"WebSite","@id":"https:\/\/version-2.com\/zh\/#website","url":"https:\/\/version-2.com\/zh\/","name":"Version 2","description":"","publisher":{"@id":"https:\/\/version-2.com\/zh\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/version-2.com\/zh\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"zh-HK"},{"@type":"Organization","@id":"https:\/\/version-2.com\/zh\/#organization","name":"Version 2","url":"https:\/\/version-2.com\/zh\/","logo":{"@type":"ImageObject","inLanguage":"zh-HK","@id":"https:\/\/version-2.com\/zh\/#\/schema\/logo\/image\/","url":"https:\/\/i0.wp.com\/version-2.com\/wp-content\/uploads\/2020\/08\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1","contentUrl":"https:\/\/i0.wp.com\/version-2.com\/wp-content\/uploads\/2020\/08\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1","width":1795,"height":335,"caption":"Version 2"},"image":{"@id":"https:\/\/version-2.com\/zh\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/version-2.com\/zh\/#\/schema\/person\/d14d2d3cd77ffdb618b9f1330fe084db","name":"version2hk","image":{"@type":"ImageObject","inLanguage":"zh-HK","@id":"https:\/\/secure.gravatar.com\/avatar\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g","caption":"version2hk"},"sameAs":["http:\/\/version2xfortcom.wordpress.com"],"url":"https:\/\/version-2.com\/zh\/author\/version2hk\/"}]}},"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/pbQRKm-cu6","post_mailing_queue_ids":[],"_links":{"self":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts\/47994","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/users\/143524195"}],"replies":[{"embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/comments?post=47994"}],"version-history":[{"count":4,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts\/47994\/revisions"}],"predecessor-version":[{"id":48003,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts\/47994\/revisions\/48003"}],"wp:attachment":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/media?parent=47994"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/categories?post=47994"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/tags?post=47994"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}