Click here to Skip to main content
15,886,919 members
Search within:


How to secure my C++ API?
Please Sign up or sign in to vote.
1.00/5 (1 vote)
Hello, I have created an API in C++ in Ubuntu (using this tutorial https://levelup.gitconnected.com/building-an-api-in-c-with-pistache-413247535fd3) and I would need to secure it. I've read about OAuth, tokens and TLS (transport layer security), however, I kinda have no idea how to start implementing either one of those in order to secure the API which I created. The holy internet didn't help me much on that part either. Any help would be very much appreciated, thank you.

What I have tried:

Nothing concrete found on internet.
Posted
Updated 11-Jul-23 22:39pm
Add a Solution
Comments
Richard MacCutchan 12-Jul-23 4:14am    
It rather depends on what you mean by "secure", and how the API is accessed. Is this a web service or an installable library?
MrJay994 13-Jul-23 2:17am    
It is basically a server being started on an Ubuntu OS using the Pistache Rest Framework for C++ that can be found at the link I provided.
Richard MacCutchan 13-Jul-23 3:56am    
You probably need to investigate all the features of the Pistache framework.

1 solution

As a high-level overview, there are a few steps you can follow -

OAuth -
There are a few framework/libraries that supports C++ on OAuth. POCO, OAuth2CPP, or CPP-REST-SDK are some options. We used POCO before, have a look at their libraries available - POCO C++ Libraries[^]. Google returned tons of search items on POCO - poco c++ oauth2[^]

To work of a tutorial, one can be found at - Tutorial: Securing an API by using OAuth 2.0[^]

Tokens -
After you have successfully authenticated your API, generate access tokens for authorized users only - full tutorial available at - Learn about token-based authentication[^].
You can also read up on how to create tokens at - The Full Guide to API Token Generation[^]

TLS -
Lastly, acquire an SSL/TLS certificate for your API's domain name. a Tutorial on configurating your API using SSL Certificates can be found at - Configuring the REST API by using SSL certificates[^].
a Tutorial on TLS/SSL is available at - WHAT ARE TLS/SSL CERTIFICATES[^]

As I mentioned above, this is just a pointer, it should direct you if you go into each item in-depth.
 
Share this answer
 
Posted
Add a Solution

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
Top Experts
Last 24hrsThis month
Related Questions
Securing an C++ API with POCO
CryptStringToBinary API behavior
How to make a a secure oauth2.0 API call in dynamics 365
Win32 API CreateFile to Open File with empty DACL (Security Descriptor)
Is there Microsoft Security Essentials Api?
Netusergetinfo API fail in windows when user doesn't have admin access or group access.is there any other API which works without this privileges for access windows active directory?
Regarding 401 unauthorized error rest api in clr C++
How to secure Restful web API
Is this way to check API security right?
Security factors in web api

Advertise
Privacy
Cookies
Terms of Use
Last Updated 12 Jul 2023
Layout: fixed | fluid
Copyright © CodeProject, 1999-2024
All Rights Reserved.

Web02 2.8:2024-04-02:1

CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900