Modern businesses need multiple channels and interfaces to develop end user needs via mobile apps, web applications, and even APIs, which can be consumed by other businesses to provide an integrated solution. This challenging demand brings a paradigm shift in technology solutions and focus on the decomposition of complex and huge solutions to small and specific microservices. Now REST APIs can be exposed to interact with various microservices and can be consumed by mobile apps and web apps to provide a quick and consistent experience to end users. This technology shift brings security concerns when using REST APIs. This whitepaper focuses on various security threats, considerations, and use cases to handle API security.