anandology
commented
8 years ago Please remember that API keys will be a temporary measure until we implement full-fledged OAuth based authentication for APIs.
Closed anandology closed 8 years ago
anandology
commented
8 years ago Please remember that API keys will be a temporary measure until we implement full-fledged OAuth based authentication for APIs.
anandology
commented
8 years ago Using Personal API tokens with basic-auth seems like much simpler approach than using API keys.
With this approach, we could just use curl with basic auth for accessing the API. for example:
curl -u someone@example.com http://test.missionvistaar.in/api/userThat would prompt for the password and user will enter the personal API token there.
anandology
commented
8 years ago Good enough for now.
Have a page
/account/api-keysto generate or regenerate API keys.Code the necessary utilities for doing the authentication using API keys and provide a simple API endpoint demonstrating the use of API keys.