API AutoFlow provides both data security and access control.
Refer to HTTPS for more detail.
API AutoFlow provides data security actions to encrypt and decrypt data.
Refer to Security Actions for more detail.
UserID based access control can be managed from the Administrator section.
Refer to Administration Section for more detail.
SQL Injection safety in API AutoFlow is supported by underlying library. Solution creators are also encouraged to add additional checks before using user input in SQL queries.
Support for multiple authentication methods is provided to ensure correct implementation of authentication is just a few clicks aways.
Refer to Security Actions for data security actions
Support for XML encode/decode is provided as actions. Take care to only allow controlled and known XML documents for processing.
Flexible Access Control may be implemented based on various data sources. Solution creators are encouraged to implement a level of access control right for the solution being created.
Empty body is returned by default. Solution creators has control over what gets returned on each request.
Data is not shared between users.
There is no default serialization of user data. Solution creators are encouraged to take care when using user data for serialization.
External components may not be used with API AutoFlow.