From the course: Securing Generative AI: Strategies, Methodologies, Tools, and Best Practices

Unlock this course with a free trial

Join today to access over 24,800 courses taught by industry experts.

Best practices around API tokens for plugins, data access, and function-level permissions

Best practices around API tokens for plugins, data access, and function-level permissions

From the course: Securing Generative AI: Strategies, Methodologies, Tools, and Best Practices

Start my 1-month free trial Buy for my team

Best practices around API tokens for plugins, data access, and function-level permissions

- [Instructor] API Tokens are critical components in securing access to APIs, especially in the context of AI plugins or LLM applications that are interacting with other applications and accessing data. And of course, going over proper management and security of those tokens that are being used for API communications. So you have to pay attention to several best practices, including secure key storage, authorization, and of course identity management, which is a critical component of this. And then following different recommendations and best practices from the Open Worldwide Application Security Project, otherwise known as OWASP, and specifically to their ASVS. And ASVS stands for Application Security Verification Standard. And these are a series of best practices and guidelines for application developers on how to secure the implementations. And this of course applies to AI applications as well. Another best practice is token rotation, as well as a good crypto implementations. And…

Contents