I am looking to secure APIs, and I am wondering how practical it is to roll your own authentication and authorization service?
Are there any good examples of this or
