Authorization
How to determine whether a user, system, or other principal has the necessary permissions to perform an action or access a resource.
Cookies are a bad idea. Don’t use them.
A full implementation of the W3C’s Cross-Origin Resource Sharing (CORS) specification is required.
A variety of headers that can be added to every response to help protect your API from common web security vulnerabilities.