#10 - Server-Side Request Forgery (SSRF)

Server Side Request Forgery, also known as SSRF, is a security vulnerability that allows a malicious threat actor to induce the server side of a web application or API to perform unauthorized actions. The Clinical Data API's objects have undergone testing to ensure that suitable permission structures are used within the scope of the service's functions. To prevent common SSRF attacks, make sure the authorization model of the API interface is consistent while writing code and delivering data to and from the API.