FortiWeb Cloud secures your API interfaces that are implemented using XML, JSON API, or OpenAPI.
Depending on how your API interfaces are implemented, you can use OpenAPI Validation, JSON Protection, or XML Protection to import a schema/validation file defining how a client should request the resources being fetched or modified. FortiWeb Cloud parses the contents of each API call against the schema/validation file and take appropriate actions to protect you from malicious traffic.
FortiWeb Cloud has the ability to manage API users, verify API keys, control API access and rate limits, etc. It can also check whether the request initiated from a mobile device carries a JWT-token header and whether the token is valid. These settings are available in API Gateway and Mobile API Protection.