APIs are a key component in any digital transformation journey. They enable organizations to create new business models and connect with partners and customers, while providing seamless digital experiences by linking systems and services together. In today’s API economy, all modern architecture concepts deeply rely on APIs.
In a typical API management platform, the key manager component or authorization server mainly focuses on access delegation or securely managing access tokens. However, comprehensive API security goes beyond simple authorization capabilities. Open Web Application Security Project’s (OWASP) recent API Security Top 10 explains how vast the API security threat landscape is. This is why we need IAM solutions in API platforms to fill this security gap. An IAM solution strengthens security and provides additional capabilities to enhance digital transformation efforts.
Director of Engineering, WSO2
Ishara has been a part of the WSO2 Identity Server team for more than 9 years. He provides engineering leadership to the WSO2 Identity Server team and is an IAM advocate to WSO2 customers across the world. Ishara has presented at numerous global conferences and workshops including WSO2Con and CIW Amsterdam on the topics of IAM, strong authentication, and privacy. Ishara has written several articles and technical papers about the IAM domain.
Technical Lead, WSO2
Thanuja is a part of the WSO2 Identity Server team and has over 7 years of experience in the software industry. His focus areas are identity management and computer security. Thanuja directly works with our customers to provide solutions and technical consulting in the IAM space.