The security mechanisms can be grouped into three categories:
- Authetication and Authorization
- Confidentiality
- Integrity
1./ Authetication and Authorization
- An API-Key is used to authenticate an application for authorized access to the API.
2. Confidentiality
- A SSL encoded channel is required for the transmission (HTTPS). The encryption algorithm can be chosen by the client.
3. Integrity
- All API access is saved in detail, see the description about logged data.