Securing web applications is an important milestone for any enterprise-grade application to protect not only the data, but also to protect it from different attacks from malicious sites.

There are various scenarios where security is an important factor for any web application:

• The information sent over the wire contains sensitive information.
• APIs are exposed publicly and are used by users to perform bulk operations.
• APIs are hosted on a server where the user can use some tools to do packet sniffing and read sensitive data.

To address the preceding challenges and to secure our application, we should consider the following options: