[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"sanity-jpcImRgwknTDTaOxxJG7MKyW1hvkw3lgMgFoR2JTf8s":3},{"data":4,"sourceMap":-1},{"info":5,"latest":14,"pinned":264},{"_createdAt":6,"_id":7,"_rev":8,"_type":9,"_updatedAt":6,"descriptionText":10,"slug":11,"title":13},"2023-05-23T16:43:21Z","wp-tagcat-rest-api","9HpbCsT2tq0xwozQfkc4ih","blogTag",null,{"current":12},"rest-api","rest api",[15,63,110,172,211],{"_id":16,"author":17,"commentCount":28,"comments":29,"excerpt":30,"featureTag":10,"image":31,"publishedAt":34,"slug":35,"sponsored":10,"tags":37,"title":62},"wp-post-19921",[18],{"_id":19,"avatar":20,"name":25,"role":10,"slug":26},"wp-author-cap-19861",{"_type":21,"asset":22},"image",{"_ref":23,"_type":24},"image-74ae88d47c8e7027aa12bdc96461f800ccf7828a-350x350-jpg","reference","Dan Moore",{"current":27},"dan-moore",12,true,"OAuth2 is one of the most popular specifications for API authentication today, though wrapping your head around it can be a challenge. ",{"_type":21,"asset":32},{"_ref":33,"_type":24},"image-a1349e4f6b8193bcbc7034de176bd4cae9c4f370-2400x1260-jpg","2022-12-22T14:00:00.000Z",{"current":36},"the-complete-guide-to-protecting-your-apis-with-oauth2",[38,42,46,51,56,58],{"_createdAt":6,"_id":39,"_rev":8,"_type":9,"_updatedAt":6,"slug":40,"title":41},"wp-tagcat-authentication",{"current":41},"authentication",{"_createdAt":6,"_id":43,"_rev":8,"_type":9,"_updatedAt":6,"slug":44,"title":45},"wp-tagcat-authorization",{"current":45},"authorization",{"_createdAt":6,"_id":47,"_rev":8,"_type":9,"_updatedAt":6,"slug":48,"title":50},"wp-tagcat-code-for-a-living",{"current":49},"code-for-a-living","Code for a Living",{"_createdAt":6,"_id":52,"_rev":8,"_type":9,"_updatedAt":6,"slug":53,"title":55},"wp-tagcat-oauth2",{"current":54},"oauth2","OAuth2",{"_createdAt":6,"_id":7,"_rev":8,"_type":9,"_updatedAt":6,"slug":57,"title":13},{"current":12},{"_createdAt":6,"_id":59,"_rev":8,"_type":9,"_updatedAt":6,"slug":60,"title":61},"wp-tagcat-security",{"current":61},"security","The complete guide to protecting your APIs with OAuth2 (part 1)",{"_id":64,"author":65,"commentCount":75,"comments":29,"excerpt":76,"featureTag":10,"image":77,"publishedAt":80,"slug":81,"sponsored":10,"tags":83,"title":109},"wp-post-19810",[66],{"_id":67,"avatar":68,"name":71,"role":72,"slug":73},"wp-author-295",{"_type":21,"asset":69},{"_ref":70,"_type":24},"image-d670f8093b43e483a52ba692d929578633f70eb5-1024x1024-jpg","Eira May","B2B Editor",{"current":74},"emay",0,"Ceora, Ben, and Matt talk with Danielle Man, Director of Engineering at Apollo GraphQL, about how an MIT program for high school girls helped kick off her career, her path from IC to engineering manager, and how Apollo became what it is today.",{"_type":21,"asset":78},{"_ref":79,"_type":24},"image-6f6591e18674cee2e570564767f3f8ca14c19158-3000x1575-png","2022-03-18T04:40:00.000Z",{"current":82},"mcdonalds-is-to-chipotle-what-rest-apis-are-to-graphql-ep-424",[84,89,93,97,99,104],{"_createdAt":6,"_id":85,"_rev":8,"_type":9,"_updatedAt":6,"slug":86,"title":88},"wp-tagcat-apollo-graphql",{"current":87},"apollo-graphql","apollo graphql",{"_createdAt":6,"_id":90,"_rev":8,"_type":9,"_updatedAt":6,"slug":91,"title":92},"wp-tagcat-graphql",{"current":92},"graphql",{"_createdAt":6,"_id":94,"_rev":8,"_type":9,"_updatedAt":6,"slug":95,"title":96},"wp-tagcat-meteor",{"current":96},"meteor",{"_createdAt":6,"_id":7,"_rev":8,"_type":9,"_updatedAt":6,"slug":98,"title":13},{"current":12},{"_createdAt":6,"_id":100,"_rev":8,"_type":9,"_updatedAt":6,"slug":101,"title":103},"wp-tagcat-podcast",{"current":102},"podcast","The Stack Overflow Podcast",{"_createdAt":6,"_id":105,"_rev":8,"_type":9,"_updatedAt":6,"slug":106,"title":108},"wp-tagcat-the-stack-overflow-podcast",{"current":107},"the-stack-overflow-podcast","the stack overflow podcast","McDonald’s is to Chipotle what REST APIs are to GraphQL (Ep. 424)",{"_id":111,"author":112,"commentCount":121,"comments":29,"excerpt":122,"featureTag":10,"image":123,"publishedAt":126,"slug":127,"sponsored":10,"tags":129,"title":171},"wp-post-19686",[113],{"_id":114,"avatar":115,"name":118,"role":10,"slug":119},"wp-author-cap-19510",{"_type":21,"asset":116},{"_ref":117,"_type":24},"image-7c4e91f7a46bfdc5870dd420f29a964da6830fbe-1920x1920-jpg","Joyce Lin",{"current":120},"joyce-lin",2,"How you can debug the APIs that you consume but don't own.",{"_type":21,"asset":124},{"_ref":125,"_type":24},"image-0737afecafd6c096e754b86037245ebc06d862a9-2400x1260-jpg","2022-02-28T15:01:18.000Z",{"current":128},"debugging-best-practices-for-rest-api-consumers",[130,135,137,141,143,147],{"_createdAt":6,"_id":131,"_rev":8,"_type":9,"_updatedAt":6,"slug":132,"title":134},"wp-tagcat-api",{"current":133},"api","API",{"_createdAt":6,"_id":47,"_rev":8,"_type":9,"_updatedAt":6,"slug":136,"title":50},{"current":49},{"_createdAt":6,"_id":138,"_rev":8,"_type":9,"_updatedAt":6,"slug":139,"title":140},"wp-tagcat-debugging",{"current":140},"debugging",{"_createdAt":6,"_id":7,"_rev":8,"_type":9,"_updatedAt":6,"slug":142,"title":13},{"current":12},{"_createdAt":6,"_id":144,"_rev":8,"_type":9,"_updatedAt":6,"slug":145,"title":146},"wp-tagcat-testing",{"current":146},"testing",{"_createdAt":148,"_id":149,"_rev":150,"_system":151,"_type":9,"_updatedAt":154,"description":155,"slug":167,"title":170},"2025-04-24T16:28:57Z","797b8797-6e65-4723-b53f-8bc005305384","IpfPEqg1c3Byvj9RrB3Xaj",{"base":152},{"id":149,"rev":153},"oc42Nphz1oZNOg9ttSv7Tn","2026-05-07T14:43:30Z",[156],{"_key":157,"_type":158,"children":159,"markDefs":165,"style":166},"bb32f75814b4","block",[160],{"_key":161,"_type":162,"marks":163,"text":164},"dbcf27ef29b3","span",[],"Community-generated articles submitted for your reading pleasure. If you’re interested in seeing your work here, log in with your Stack Overflow account and click the link below. Articles will be licensed under a CC BY-SA 4.0 grant. ",[],"normal",{"_type":168,"current":169},"slug","contributed","The Heap","Debugging best practices for REST API consumers",{"_id":173,"author":174,"commentCount":191,"comments":29,"excerpt":192,"featureTag":10,"image":193,"publishedAt":196,"slug":197,"sponsored":10,"tags":199,"title":210},"wp-post-18885",[175,183],{"_id":176,"avatar":177,"name":180,"role":10,"slug":181},"wp-author-cap-18888",{"_type":21,"asset":178},{"_ref":179,"_type":24},"image-307de27391b1ad4ed8dbfc486af1264fa71234a3-40x40-jpg","Sam Scott",{"current":182},"sam-scott",{"_id":184,"avatar":185,"name":188,"role":10,"slug":189},"wp-author-cap-18890",{"_type":21,"asset":186},{"_ref":187,"_type":24},"image-6c2d29e8136405cb7d8a4a2bf6e8c4babc481c5b-40x40-jpg","Graham Neray",{"current":190},"graham-neray",20,"If you have a REST API accessible on the internet, you're going to need to secure it. Here's the best practices on how to do that. ",{"_type":21,"asset":194},{"_ref":195,"_type":24},"image-a559131b0f87f7dd3756059be29364f15eeefde2-2400x1260-jpg","2021-10-06T14:52:18.000Z",{"current":198},"best-practices-for-authentication-and-authorization-for-rest-apis",[200,202,204,206,208],{"_createdAt":6,"_id":131,"_rev":8,"_type":9,"_updatedAt":6,"slug":201,"title":134},{"current":133},{"_createdAt":6,"_id":39,"_rev":8,"_type":9,"_updatedAt":6,"slug":203,"title":41},{"current":41},{"_createdAt":6,"_id":43,"_rev":8,"_type":9,"_updatedAt":6,"slug":205,"title":45},{"current":45},{"_createdAt":6,"_id":47,"_rev":8,"_type":9,"_updatedAt":6,"slug":207,"title":50},{"current":49},{"_createdAt":6,"_id":7,"_rev":8,"_type":9,"_updatedAt":6,"slug":209,"title":13},{"current":12},"Best practices for REST API security: Authentication and authorization",{"_id":212,"author":213,"commentCount":230,"comments":29,"excerpt":231,"featureTag":10,"image":232,"publishedAt":235,"slug":236,"sponsored":10,"tags":238,"title":263},"wp-post-15247",[214,222],{"_id":215,"avatar":216,"name":219,"role":10,"slug":220},"wp-author-cap-15245",{"_type":21,"asset":217},{"_ref":218,"_type":24},"image-62a85a24c474f9bd150ed89c8d208ec43707ed61-302x302-jpg","John Au-Yeung",{"current":221},"john-au-yeung",{"_id":223,"avatar":224,"name":227,"role":10,"slug":228},"wp-author-226",{"_type":21,"asset":225},{"_ref":226,"_type":24},"image-56688f6337dd0a96034dfc998cdecc7810597d81-1024x1024-png","Ryan Donovan",{"current":229},"rdonovan",101,"In this article, we'll look at how to design REST APIs to be easy to understand for anyone consuming them, future-proof, and secure and fast since they serve data to clients that may be confidential.",{"_type":21,"asset":233},{"_ref":234,"_type":24},"image-e1eee67d0d8803936c09d3aba530bed2da974871-2309x1299-jpg","2020-03-02T14:55:01.000Z",{"current":237},"best-practices-for-rest-api-design",[239,244,246,250,254,256,261],{"_createdAt":6,"_id":240,"_rev":8,"_type":9,"_updatedAt":6,"slug":241,"title":243},"wp-tagcat-bulletin",{"current":242},"bulletin","Bulletin",{"_createdAt":6,"_id":47,"_rev":8,"_type":9,"_updatedAt":6,"slug":245,"title":50},{"current":49},{"_createdAt":6,"_id":247,"_rev":8,"_type":9,"_updatedAt":6,"slug":248,"title":249},"wp-tagcat-express",{"current":249},"express",{"_createdAt":6,"_id":251,"_rev":8,"_type":9,"_updatedAt":6,"slug":252,"title":253},"wp-tagcat-javascript",{"current":253},"javascript",{"_createdAt":6,"_id":7,"_rev":8,"_type":9,"_updatedAt":6,"slug":255,"title":13},{"current":12},{"_createdAt":6,"_id":257,"_rev":8,"_type":9,"_updatedAt":6,"slug":258,"title":260},"wp-tagcat-stackoverflow",{"current":259},"stackoverflow","Stackoverflow",{"_createdAt":6,"_id":257,"_rev":8,"_type":9,"_updatedAt":6,"slug":262,"title":260},{"current":259},"Best practices for REST API design",[]]