Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
O
O
orbit0702019-07-03 13:00:12
User identification
orbit070, 2019-07-03 13:00:12

Is it ok to pass the token via parameters at the end of the URL?

Hello.
Is it ok to pass the auth token via a parameter in the url itself?
That is, for example, like this: example.com/api/getNews?token=[My Token] The
question is not about paranoia and the answers "you can hack anything" please don't, I just want to understand how it's done or not? Thank you.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
I
Ivan Shumov, 2019-07-03
@orbit070

If the API, then it is much more common to use the authorization Bearer header. And so - someone does it, probably, but it’s definitely not a good practice

Similar questions
V
Vadim2312017-09-18 21:01:08
How to make if the number was not an integer, gave out -1 in response? 6Reply
A
Aleksandr Obukhov2019-08-05 21:49:16
What authentication and authorization service do you use for microservice architecture? 1Reply
I
Islam Ibakaev2017-03-25 07:07:12
How to properly approach building a large scale react app (with aws on the backend)? 1Reply
A
analgin2017-03-31 09:41:29
How to organize public wifi at a public transport stop? 1Reply
S
Sergey2015-04-06 09:03:30
How to disable multiple authorizations? 3Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question