We need a way for the applications that use the API to authenticate, to access private information or actions of the user.
To do this, I like a lot the "token" based stuff. Maybe not even OAuth. but it's an option. Don't forget to check how GitHub is doing this very same thing.
We need a way for the applications that use the API to authenticate, to access private information or actions of the user.
To do this, I like a lot the "token" based stuff. Maybe not even OAuth. but it's an option. Don't forget to check how GitHub is doing this very same thing.
Of course, all is over HTTPS.