We’re experiencing the rise of the API economy. Whether it’s for a backend system, partner-facing website, or a mobile application designed for customers, companies rely on APIs to share data with more end users than ever before. Unfortunately, APIs are proving to be a major point of vulnerability. This stems primarily from the fact that APIs are usually designed internally for small use cases, which keeps them off the radar for security and compliance teams. Once they’re proven to be successful, APIs are often used by more teams and they evolve quickly into partner or client-facing solutions. Even as this transition takes place, API security is likely forgotten. Alongside the growth of APIs, security tools and processes have matured to ensure the right level of authorization is given to the appropriate tiers of users. Among these tools is OAuth 2.0, an industry-standard framework for providing specific authorization flows for web-based.