Restful Web APIs encourage the development of innovative apps. Such novel apps combine data from several sources to reach new markets and customers, enabling what is known as the API Economy. APIs, however, often expose sensitive user data. By adhering to the following five principles, your organization enters the API Economy complying with current best practices in user privacy.
2. Always ask for user consent
The user must be in control of his/her own data. Before sharing sensitive data with other apps, your user must understand the risks and consent by giving explicit authorization. The only exception is when the app also belongs to your organization.
3. Let users review and remove existing authorizations
If it is important that users authorize that apps may access and change their data, it is equally important to let them review and revoke current authorizations.
Thus, you must offer an interface where your users can log on and review third-party app permissions. All authorized apps must be listed, as well as details such as the date authorization was given and which permissions were granted. Users can then choose to disallow apps they do not anymore use or want.
When an authorization is removed, the corresponding app may not anymore call your APIs to get information about the user.
4. Follow the Principle of Least Privilege
The Principle of Least Privilege states that only strictly necessary information and resources must be accessible by a given entity. In the API context, a third-party app must obtain only the permissions necessary to implement its features.
There are two main advantages to following this principle. First, you minimize user data transmitted. Second, it will result in more users opting to grant authorization, hence using the app.
To support the Principle of Least Privilege, all permissions available to apps must be carefully designed, based on a good understanding of the API audience and possible use cases.
5. Support well-known protocols, such as OAuth 2.0 and OpenID Connect
Supporting well-known protocols makes your APIs both:
- More popular, since existing libraries ease implementation.
- More secure, since such protocols and libraries are extensively reviewed by the internet community.
The OAuth 2.0 Authorization Framework is prevalent in Restful APIs. Standardized by the IETF, OAuth 2.0 targets the four points mentioned above:
- Authorization review and revocation: A system of revocable “access” and “refresh tokens” makes it possible to withdraw app authorizations at any time.
- Principle of Least Privilege: OAuth “scopes” represent app permissions that can be tailored to your organization’s needs.
OpenID Connect is an extension of OAuth 2.0 that standardizes further important aspects. These include how third-party apps verify the identity of, and receive information about, your users.
The success of an API Initiative depends on your users’ trust. Thus, defining user privacy as a primary concern and following the above five principles is key to success in API management.