How to authorize server API client?

I

Iskandar Axarsu2016-02-13 13:24:13

User identification

Iskandar Axarsu, 2016-02-13 13:24:13

The task is as follows: we are making a web-based RESTful API that will be used by third-party web and mobile applications in B2B type services. There are 2 parties involved in communication: the API server and the client application.
The client can make requests to the API server both from the server side and from the side of the browser Javascript code. The API is closed. Each client pre-registers on the API server and receives its own unique identifier. You can only work with the API using this identifier.
Question: how to properly organize the authorization of the client application, taking into account all the described conditions?
Thanks in advance!

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

V

VZVZ, 2016-02-13
@VZVZ

Long story - tokens, cookies, etc. And why? We take the Fiddler sniffer and see how it is done on other sites.
Golden rule: don't do something new without mastering the old one. Do not do your own without mastering someone else's.