Protecting and Managing APIs

This course is part of API Development and Architecture Specialization

Instructor: Edureka

Access provided by Gov Academy - DGE

3 modules

Gain insight into a topic and learn the fundamentals.

Beginner level

Recommended experience

1 week to complete

at 10 hours a week

Flexible schedule

Learn at your own pace

3 modules

Gain insight into a topic and learn the fundamentals.

Beginner level

Recommended experience

1 week to complete

at 10 hours a week

Flexible schedule

Learn at your own pace

What you'll learn

Implement secure authentication, authorization, and encryption techniques to protect APIs from common threats.
Identify and prevent injection, DoS, and man-in-the-middle attacks while ensuring adherence to security standards.
Configure API gateways, monitor usage and key performance metrics, and build analytics dashboards to improve adoption and reliability.
Turn APIs into scalable products by setting up developer portals, enabling monetization, and governing API ecosystems effectively.

Details to know

Shareable certificate

Add to your LinkedIn profile

Assessments

11 assignments¹

AI Graded see disclaimer

Taught in English

See how employees at top companies are mastering in-demand skills

Learn more about Coursera for Business

logos of Petrobras, TATA, Danone, Capgemini, P&G and L'Oreal

Build your subject-matter expertise

This course is part of the API Development and Architecture Specialization

When you enroll in this course, you'll also be enrolled in this Specialization.

Learn new concepts from industry experts
Gain a foundational understanding of a subject or tool
Develop job-relevant skills with hands-on projects
Earn a shareable career certificate

There are 3 modules in this course

This course equips you with the essential skills to secure, manage, and monitor modern APIs, ensuring reliability and compliance in today’s interconnected applications. You’ll explore API security fundamentals, learn industry-standard authentication and authorization techniques, implement encryption, and defend against common threats.

Moving beyond security, you’ll master API management by setting up gateways, implementing monitoring and analytics, and transforming APIs into scalable products. By the end of this course, you will be able to: • Explain core API security concepts, threats, and best practices • Implement secure authentication and authorization methods including OAuth 2.0 and JWT • Protect APIs against common attacks such as injection and DoS • Encrypt sensitive data and ensure compliance with security standards • Configure and manage API gateways for routing and traffic control • Monitor API performance, track key metrics, and set up analytics dashboards • Apply strategies for API productization, monetization, and developer portal creation This course is ideal for software developers, DevOps engineers, Full Stack developers, and IT professionals who want to strengthen their skills in API security, management, and monitoring. A basic understanding of web services and RESTful APIs is recommended, but no prior experience with advanced security or API management tools is required. Join us to learn how to safeguard APIs against evolving threats, implement robust access controls, and build a scalable API ecosystem that supports modern application demands.

This module establishes a solid foundation in protecting APIs against modern threats. You’ll explore core authentication and authorization techniques, examine common attack vectors, and learn how to apply encryption and compliance standards. Through a mix of theory and demos, you will gain the practical skills needed to secure APIs from design to deployment.

What's included

21 videos7 readings5 assignments1 discussion prompt1 plugin

21 videosTotal 89 minutes

Specialization Introduction3 minutes
Course Introduction3 minutes
API Authentication Methods4 minutes
Basic Authentication and API Keys5 minutes
OAuth 2.0 and JWT4 minutes
Demonstration: Implementing OAuth in an API6 minutes
Role-Based Access Control (RBAC)3 minutes
Attribute-Based Access Control (ABAC)3 minutes
Scopes in Oauth3 minutes
Fine-Grained Access Control & Auditing4 minutes
Demonstration: Setting Up RBAC for an API7 minutes
Common API Attacks Overview3 minutes
Injection Attacks3 minutes
Man-in-the-Middle & DoS Attacks3 minutes
Security Best Practices & Preventive Measures3 minutes
Demonstration: Conducting Security Testing on an API - script.js and index.html setup3 minutes
Demonstration: Conducting Security Testing on an API - Vulnerable and Hardened Server Setup4 minutes
Demonstration: Conducting Security Testing on an API - Final Execution7 minutes
Data Encryption & HTTPS3 minutes
Encrypting Sensitive Data & Compliance Standards3 minutes
Demonstration: Implementing HTTPS for an API3 minutes

7 readingsTotal 140 minutes

Welcome to Protecting and Managing APIs30 minutes
Authentication Methods10 minutes
Comparing RBAC and ABAC: Choosing the Right Access Control Model for Modern APIs5 minutes
Understanding and Preventing the OWASP Top API Security Threats10 minutes
Encryption and Compliance10 minutes
Summary of API Security Fundamentals30 minutes
Practice Project: Building a Secure and Compliant Healthcare API Ecosystem45 minutes

5 assignmentsTotal 54 minutes

Knowledge Check: API Security Fundamentals30 minutes
Practice Quiz: Authentication Methods6 minutes
Practice Quiz: Authorization and Access Control6 minutes
Practice Quiz: Securing APIs Against Threats6 minutes
Practice Quiz: Encryption and Compliance6 minutes

1 discussion promptTotal 10 minutes

Introduce Yourself10 minutes

1 pluginTotal 10 minutes

Protecting and Managing APIs: Self Check-In10 minutes

This module focuses on the operational side of APIs—managing, observing, and scaling them effectively. You’ll work with API gateways for traffic routing and policy enforcement, implement monitoring and analytics to track key metrics, and understand how to productize APIs through developer portals and monetization strategies.

What's included

15 videos6 readings4 assignments

15 videosTotal 56 minutes

What is an API Gateway?4 minutes
Popular API Gateways2 minutes
Routing and Proxying3 minutes
Why Monitor APIs & Logging Best Practices3 minutes
Monitoring Tools, Alerting & Analytics4 minutes
Demonstration: Implementing Monitoring for an API3 minutes
API Usage & Key Metrics3 minutes
Dashboards and A/B Testing for APIs3 minutes
Improving API Adoption3 minutes
Demonstration: Setting Up Analytics for an API5 minutes
Turning APIs into Products3 minutes
API Monetization3 minutes
Developer Portals & API Marketplaces3 minutes
Governance in API Ecosystem3 minutes
Demonstration: Creating a Developer Portal for an API4 minutes

6 readingsTotal 110 minutes

Introduction to API Gateways: Concepts, Tools, and Traffic Management10 minutes
Kong API Gateway with Python15 minutes
API Monitoring and Analytics: Ensuring Reliability, Insights, and Growth5 minutes
API Productization: From Technical Tools to Business Assets5 minutes
Summary of API Management and Monitoring30 minutes
Practice Project: Modern API Management with Monitoring and Analytics45 minutes

4 assignmentsTotal 48 minutes

Knowledge Check: API Management and Monitoring30 minutes
Practice Quiz: API Gateways6 minutes
Practice Quiz: Monitoring and Analytics6 minutes
Practice Quiz: API Productization6 minutes

The closing module recaps the key lessons from the course and reinforces best practices for securing and managing APIs. You’ll review the essential concepts in a brief summary video and complete a graded knowledge check to validate your understanding and readiness to apply these skills in real-world API projects.