The goal is to make it easy for developers to implement secure APIs without having to worry about all the details involved in creating a secure system.
The Problem
Security frameworks are often complex and difficult to use correctly. They require extensive training, documentation, and support from operations teams. This makes them impractical for many organizations who want simple solutions that can be implemented by their development teams with minimal overhead or risk of failure.
This problem has been particularly acute in the area of API security where there are no standards (yet) on how best to implement these systems at scale across multiple applications and services within an organization’s infrastructure
https://t.co/xq6mxr8qio