+- UserSpice (https://userspice.com/forums)
+-- Forum: Support Center (https://userspice.com/forums/forumdisplay.php?fid=23)
+--- Forum: UserSpice 4.4 (https://userspice.com/forums/forumdisplay.php?fid=27)
+--- Thread: authentication to access API (/showthread.php?tid=1266)
authentication to access API - ivinsons - 12-16-2018
Hello people!
I am an enthusiast of the Userspice but I confess that I participate little in the forum!
But I have a challenge of doing an authentication to access API functions, via REST or any other way.
What is the best practice to do this?
Do you have an example?
Thank you guys!
Ivinson (Brazil)
RE: authentication to access API - mudmin - 12-16-2018
Welcome! I am not at a computer right now, but I am a big fan of requiring people to register separately for an API key. If they will be connecting server to server, I am a big fan of locking the API key to an IP address for security. Can you give me an idea of how you want people to use the API?
RE: authentication to access API - ivinsons - 12-16-2018
(12-16-2018, 10:09 PM)mudmin Wrote: Welcome! I am not at a computer right now, but I am a big fan of requiring people to register separately for an API key. If they will be connecting server to server, I am a big fan of locking the API key to an IP address for security. Can you give me an idea of how you want people to use the API?
Thank you so much for replying so promptly! (Forgive my English by Google Traslate hahahaha)
I will use the userspice to build a PWA, for associates of a health management company.
It has some partnerships that will access some information (check the status of the associate, see validity of the card, etc ...) via API. So I thought I could skip the login part, and generate an APIKey for each partner.
Do you think this is a good strategy?
RE: authentication to access API - mudmin - 12-16-2018
I think that is fine. I am traveling so I can not help over the next few days but if you need help , let me know.