SQL Injection, XSS prevention, HMAC, JWT, JWE, Oauth2, Okta, Denial of Service (DoS), and more about API security