Ensuring Message Integrity with HTTP Signatures

In the present day, the most common approach for protecting APIs is by using shared secrets. Every time the API is called, this secret must be presented which is not that secure. Then there are other mechanisms such as OAuth which is used to enforce access control on APIs. However none of these mechanisms provide a way to ensure the integrity of the data being transferred. Also, for certain clients, shared…

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Sathya Bandara

Sathya Bandara

Software Engineer | GSoC Intern | CSE Graduate