Authentication and authorisation of clients is performed when clients call web APIs that facilitate access to data not authorised for release into the public domain.
Topic
Web application programming interfaces
Applicable to
all
History
Mar 2023
Authentication and authorisation of clients is performed when clients call web APIs that facilitate access to data not authorised for release into the public domain.
An existing control relating to authentication of clients calling web application programming interfaces (APIs) that facilitate access to data not authorised for release into the public domain was amended to also include authorisation.
Dec 2022
Clients are authenticated when calling web APIs that facilitate access to data not authorised for release into the public domain.
A new control was added to ensure clients are authenticated when calling web application programming interfaces that facilitate access to data not authorised for release into the public domain.