Skip to content


This is the text version of OWASP API Security Top 10, used as source for the official version distributed as a Portable Document Format (PDF).

Contributions to the project such as comments, corrections, or translations should be done here. For details on How To Contribute, please refer to

  • Erez Yallon
  • Inon Shkedy