The goal when implementing API security is to safely ensure the right people and systems have access to the right things to accomplish their task in the shortest time necessary. In this blog we’ll take a quick look at the pros and cons of the 5 approaches to API security described in greater detail within our white paper, API Security from Concepts to Components. No security — While this isn’t a serious approach to security, it is common. A common misconception is that APIs hidden within an application (in particular in mobile apps) are safe because no one knows about them. When in reality, it takes a developer minutes to discover the API and the data it uses. Any API that is online is at risk. API keys — Most API access starts with API keys because the required logic is implemented by most frameworks out of the box.