Back Matter

Search in book...
Toggle Font Controls
Create new playlist

Name your new playlist

Playlist description (optional)
Sign In

Email address

Password

Forgot Password?

or

Continue with Facebook

Continue with Google
Sign Up

Full Name

Email address

Confirm Email Address

Password

or

Continue with Facebook

Continue with Google

Appendix A: Key Terms

Provided here are full spellings of acronyms and brief definitions that will be of use to you as you read the book.

Term	Description
access_token	A temporary token that provides access to OAuth-protected APIs
API	Application Programming Interface. In the context of this book, they are mainly REST –based
API Key	An identifier of an application presented at an API
API management	A reference to all aspects of an API development environment: API developer onboarding, API documentation, API monetization, and API implementation as well as API lifecycle
CI/CD	Continuous Integration/Continuous Deployment
Contract first	Starting the API development based on documentation rather than an implementation
CORBA	Common Object Request Broker Architecture
CSR	Certificate Signing Request
Docker	A container platform
Docker image	The source for a Docker container
ESB	Enterprise Service Bus
FAPI	Financial-grade API. A working group in the context of the OpenID Foundation
FIPS	Federal Information Processing Standards
ICAP	Internet Content Adaptation Protocol. An interface used to, for example, request a virus scan via an API call
IDP	Identity provider. A source of identities
IIW	Internet Identity Workshop. The place where OAuth 2.0 and OpenID Connect were initiated
JWE	JSON Web Encryption
JWKS	JSON Web Key Set. A list of public keys used to verify a JWS
JWS	JSON Web Signature
JWT	JSON Web Token. A JSON-based message format supporting digital signatures and encryption
LDAP	Lightweight Access Directory Protocol
Let’s Encrypt	A free service for issuing SSL certificates
Microservice	A term found in the context of microservice architecture. An API (microservice) serving one purpose only
Mobile first	An approach of supporting mobile use cases and mobile users first
MVP	Minimum viable product. A version of a product that supports the least number of features that are required to make it usable
NFC	Near-field communication
NIST	National Institute of Standards and Technology
OAuth 2.0	An authorization framework. It uses different types of tokens to provide access to OAuth-protected APIs
Omnipresence	Being represented on multiple platforms at the same time
OTP	One-time password
PCI	Payment Card Industries. Also PCI DSS, Payment Card Industry Data Security Standard
PSD2	Payment Service Directive 2. A European law to force banks to provide API access to accounts
QA	Quality assurance
RESTFul	Representational State Transfer
RFC	Request For Comment. In the context of this book, RFC 6749, 7515, 7519
Roadmap	An indication of features planned for the near future
SAML	Security Assertion Markup Language. A XML-based message format used for authentication and authorizations
SCOPE (OAuth)	A list of values representing permissions in the context of OAuth
SLA	Service-level agreement
SOAP	Simple Object Access Protocol. An XML-based message format for exchanging data
Social login	The process of authenticating users by their username provided by a social platform
Step-up authentication	Requiring an authentication method that indicates a higher trust than a previous authentication mechanism
Swagger	A machine-readable document describing an API definition
TLS	Transport Layer Security
WADL	Web Application Description Language
WAF	Web application firewall
WSDL	Web Service Description Language
YAML	YAML Ain’t Markup Language. A clear text message format, usually used for configurations

Index

A

access_token

Amazon Alexa

Apache Tomcat

API consumer

API Developers

API Key

API Management

API Proxy

Application programming interfaces (APIs)

Application server

Architecture

Artifacts

Attribute

Auditing

Authentication

Authorization

Authorization server (AS)

Automatization

B

Backend

Base64

Basic Authentication

Bluetooth

Business-to-business (B2B)

Business-to-consumer (B2C)

C

CA API Gateway

CA certificate

Caching

Central processing unit (CPU)

Certificate signing request (CSR)

Certificates

Classes

Client

Code stubs

Common Object Request Broker Architecture (CORBA)

Compiler

Components

Configurability

Consent

Container

Content-Type

Continuous integration/continuous delivery (CI/CD)

Contract First

CSRF

D

Database

Datasets

Demilitarized zone (DMZ)

Deployability

Design pattern

Desktop

Developer

Device

DevOps

Docker

Docker-compose

Docker image

E

Ecosystem

Encryption

Enterprise service bus (ESB)

Entity

Ephemeral (Docker/container)

Escalations

Extensible Markup Language (XML)

Extensible Stylesheet Language (XSL)

F

Federal Information Processing Standard (FIPS)

Federation

File transfer protocol (FTP)

Financial API (FAPI)

Firewall

Framework

Function

G

Geo-Location

GET

Git

GitHub

Google Home

Google Maps

H

HTTP

HTTP header

HTTP status

I

IBM Datapower

Identity Provider (IDP)

If this, then that (IFTTT)

Impersonation

Implementation

Implicit (OAuth)

Instance (container)

Integration

Internet content adaptation protocol (ICAP)

Internet Identity Workshop (IIW)

IP Address

J, K

Java

JavaScript

JBoss

JSON

JSON Web Encryption (JWE)

JSON Web Key Set (JWKS)

JSON Web Signature (JWS)

JSON Web Token (JWT)

L

Latency

Let’s Encrypt

Lightweight Directory Access Protocol (LDAP)

Load balancer

Logging

M

Machine-readable documentation

Mainframe

Martin Fowler

Message confidentiality

Message integrity

Microservice

Microservices architecture

Microsoft Azure for Docker

Microsoft OpenID Connect

Minimum viable product (MVP)

Mobile apps

Mobile first

Mock service

Monetization

N

National Institute of Standards and Technology (NIST)

Near-Field Communication (NFC)

Netgear Arlo

Network traffic

Notifications

O

OAuth

OAuth 2.0

Omnipresence

One-time password (OTP)

Online services

On-Prem

OpenID Connect

OpenID Foundation

OpenID Provider (OP)

P

Parameters

Password

Payload

Payment Card Industry (PCI)

Payment Service Directive 2 (PSD2)

Performance

Persist

Philips Hue

PHP

Pipe

Pipeline (CI/CD)

Platform

Poll

Port

POST

Product Owners

Programming languages

Proprietary

Protocol

Provider

Pseudo Code

Q

QR Code

Quality assurance (QA)

R

Rate limit

Red Hat OpenShift

Redundancy

Reliability

Relying Party (RP)

Remote cache

Replay

Request

Request For Comments (RFC)

RequestIDs

Requirements

Resource server (RS)

Resource owner (RO)

Resources (memory)

Response

RESTFul

Roadmap

Roles

Runbooks

S

Scalability

SCOPE (OAuth)

Script

Security architects

Security Assertion Markup Language (SAML)

Server

Service-level agreement (SLA)

Signatures

Simple object access protocol (SOAP)

SOAPUI

Social-Login

Social-Platform

Software Architects

Software development kit (SDK)

Statelessness

Step-up authentication

Swagger

System

T

Tenant

Testing tool

Threat protection

Transaction

Transmission control protocol (TCP)

Transparence

Transport Layer Security (TLS)

Twitter

U

Upgradability

URL encoded

URL fragment

URL Path

User interface (UI)

Username

V

Version-ability

Version control system (VCS)

W

Web Application Description Language (WADL)

Web application firewall (WAF)

Web applications

Web Server

Web services description language (WSDL)

WeChat

Windows

X

x.509

XML

SeeExtensible Markup Language (XML)

XML namespace

XML schema

Xpath

XSL

SeeExtensible Stylesheet Language (XSL)

Y, Z

YAML Ain’t Markup Language (YAML)

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.

Table of Contents for Back Matter

Create new playlist

Sign In

Sign Up

Index

A

B

C

D

E

F

G

H

I

J, K

L

M

N

O

P

Q

R

S

T

U

V

W

X

Y, Z

Table of Contents for
Back Matter