
OWASP API Security Project

The OWASP API Security Project focuses on strategies and solutions to understand and mitigate the unique vulnerabilities and security risks of Application Programming Interfaces. The project produces and maintains the OWASP API Security Top 10, a community-driven list of the most critical API security risks for developers, architects, and security professionals.

1 APIs 0 Features
Security, Standards, OWASP

APIs

OWASP API Security Project

The OWASP API Security Project produces and maintains the OWASP API Security Top 10, a list of the most critical API security risks. It provides guidance, tools, and references ...

Resources

Website
Documentation
GitHub

Sources

apis.yml
aid: owasp-api-security-project
name: OWASP API Security Project
description: >-
  The OWASP API Security Project focuses on strategies and solutions to
  understand and mitigate the unique vulnerabilities and security risks of
  Application Programming Interfaces. The project produces and maintains the
  OWASP API Security Top 10, a community-driven list of the most critical API
  security risks for developers, architects, and security professionals.
type: Index
position: Consumer
access: 3rd-Party
image: https://kinlane-productions2.s3.amazonaws.com/apis-json/apis-json-logo.jpg
tags:
  - Security
  - Standards
  - OWASP
created: '2025-01-08'
modified: '2026-04-28'
url: >-
  https://raw.githubusercontent.com/api-evangelist/owasp-api-security-project/refs/heads/main/apis.yml
specificationVersion: '0.19'
apis:
  - aid: owasp-api-security-project:owasp-api-security-project
    name: OWASP API Security Project
    description: >-
      The OWASP API Security Project produces and maintains the OWASP API
      Security Top 10, a list of the most critical API security risks. It
      provides guidance, tools, and references to help organizations identify
      and address API-specific vulnerabilities such as broken object level
      authorization, broken authentication, and excessive data exposure.
    humanURL: https://owasp.org/www-project-api-security/
    tags:
      - Security
      - Standards
    properties:
      - type: Documentation
        url: https://owasp.org/www-project-api-security/
      - type: Reference
        url: https://owasp.org/API-Security/editions/2023/en/0x00-header/
common:
  - type: Website
    url: https://owasp.org/www-project-api-security/
  - type: Documentation
    url: https://owasp.org/www-project-api-security/
  - type: GitHub
    url: https://github.com/OWASP/API-Security
maintainers:
  - FN: Kin Lane
    email: [email protected]