The term ‘security’ permeates the APS SDK documentation as one of the most business sensitive aspects of the integration process.
The APS team strives to prevent vulnerabilities in the backend framework, control panels, and the application UI that plugs into those panels. The SDK documentation helps application integrators avoid flaws in the custom code that users or other applications can exploit to damage the system intentionally or otherwise. In the integration concepts and explanations of the APS API, you can find the notes and warnings about restrictions and possible consequences of a vulnerable code.
We want all the parties cooperating based of the APS ecosystem to be confident in the protection of their integrated software systems and sensitive data from theft or damage as well as from disruption or misdirection of the services provided by those applications.
For this purpose, the following documents help you understand the main concepts of the APS embedded security model and provide recommendations to help you keep your systems protected from possible attacks or misbehavior.