SafeStack Finding and Fixing API Security Vulnerabilities is an online training course designed for developers and testers focused on API security. The course covers common vulnerability classes affecting APIs in microservices and API-focused architectures. The training takes approximately 1 hour to complete and provides certification as Secure Developer Level 2 through Credly. The curriculum consists of nine modules covering security concepts, controls, and specific vulnerability types. Module topics include applying procedural and configurable security controls, broken authorization, broken authentication, data exposure, resource limitations, mass assignment, injection vulnerabilities, misconfiguration and mismanagement, and transitioning to microservices or hybrid architectures. Each module addresses what causes the vulnerability, how to identify it, understand its impact, and implement protections. The course is designed to complement other SafeStack courses including Finding and Fixing Web Application Vulnerabilities and Designing Secure Microservice Architectures. It focuses on security concepts and controls applicable to API development and operations, with emphasis on identifying weaknesses in existing environments and understanding design and build decisions that lead to vulnerabilities.