Metlo is an open-source API security platform.

How to implement Step-up Authentication using Amazon Cognito

Secure NestJs Rest API with Keycloak

Protocol specification and Node library designed to make building APIs that use HMAC signatures simple

Node.js/Express backend for SymptomPulse. Manages symptom/medication data, integrates Open FDA API, and handles JWT authentication. Built with TypeScript, MySQL, and Prisma ORM for robust data modeling.

Express middleware for creating APIs that implement hmac signatures

Qiuth transforms standard bearer API keys into proof-of-possession tokens, using multi-factor security layers like IP validation, TOTP, and certificate validation to prevent unauthorized access even if your key is leaked.

Advanced rate limiting module for NestJS with PostgreSQL persistence, progressive penalties, and admin management.

Koa middleware for creating APIs that implement hmac signatures

Frontend for apictl gateway

Lightweight HMAC request signing with zero dependencies.

Lightweight open-source rate-limiting middleware for Node.js/Express & Redis. Provides configurable limits per IP or user, integrates easily with GraphQL or REST-APIs, and helps protect backend routes from abuse and overload.

Production-ready Node.js backend boilerplate with JWT auth, MongoDB, file uploads, validation, and logging.

Express middleware for rate limiting and API abuse protection

Udacity Full Stack Nanodegree — Project 03: Coffee Shop Full Stack (Authentication & Authorization)

Repository to study api security concepts

A secure and feature-rich API for developer job listings.

Simple file upload endpoint and deployed on Azion web platform

Extensible rate limiting engine with pluggable storage and algorithm strategy patterns — designed for scalable multi-instance deployment.

🚀 Protect your site with Moonito, the real-time analytics and AI bot protection SDK for Node.js and TypeScript that filters traffic and ensures security.