How to organize authorization in REST API?
Hello.
The approximate architecture is as follows:
1) REST API service
2) The site is public - everyone has access, there is a personal section with access only for a specific user
3) Admin panel - only admins have access, but their rights may be different
4) Mobile application - personal functions section on the site.
I read this - "How best to organize access to a REST API" - but it did not improve my understanding.
Please advise how to correctly and uniformly (so that the process is the same on the site and in the applications) carry out authorization in the API service.
1. Pass the login/password to site.com/login
2. Get the session ID
3. In all subsequent requests, add a header with the session ID to the HTTP request headers, for example (authorization: ZGNkOTU3NGZiODkwZTI3OTY1ZmE4M2ExNDllYWQyMTg=)
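
The three steps in the answer above, sketched from the server side as an added example that is not part of the original post. The function names, role names, session lifetime and sample accounts are assumptions; the same `authorize` check serves the site, the admin panel and the mobile application.

```python
import hashlib
import hmac
import secrets
import time

SESSION_TTL = 3600  # assumed session lifetime in seconds
USERS = {}     # username -> (salt, password hash, role)
SESSIONS = {}  # sha256(session ID) -> (username, role, expiry time)

def _pw_hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def add_user(name, password, role):
    salt = secrets.token_bytes(16)
    USERS[name] = (salt, _pw_hash(password, salt), role)

def _key(session_id):
    # Store only a hash, so a leaked session table cannot be replayed.
    return hashlib.sha256(session_id.encode()).hexdigest()

def login(name, password, now=None):
    """Steps 1-2: check the credentials, return a new session ID or None."""
    now = time.time() if now is None else now
    salt, stored, role = USERS.get(name, (b"\0" * 16, b"", None))
    if not hmac.compare_digest(_pw_hash(password, salt), stored):
        return None
    session_id = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG
    SESSIONS[_key(session_id)] = (name, role, now + SESSION_TTL)
    return session_id

def authorize(headers, required_role=None, now=None):
    """Step 3: return (HTTP status, username) for one request's headers."""
    now = time.time() if now is None else now
    headers = {k.lower(): v for k, v in headers.items()}  # names are case-insensitive
    key = _key(headers.get("authorization", ""))
    name, role, expires = SESSIONS.get(key, (None, None, 0))
    if name is None or now >= expires:
        SESSIONS.pop(key, None)  # drop expired sessions
        return 401, None
    if required_role is not None and role != required_role:
        return 403, name  # authenticated, but not allowed here
    return 200, name

# Constructed sample accounts for the demonstration.
add_user("alice", "correct horse", "user")
add_user("root", "battery staple", "admin")
```

The session ID is only as safe as the channel carrying it, so the login request and every later request belong on HTTPS.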