Traditional application security and more modern API security approaches often focus on writing secure code, and righteously so. But building secure APIs goes way beyond coding alone. One common example is the use of an API gateway to enforce security. In this session, we look at how to improve API security by designing a robust API architecture. We investigate security patterns and components that you can use, along with their pros and cons. You will walk away from this session with a solid understanding of best practices to secure your API architecture.