开发者

Is two-legged oAuth the right answer for a simple API?

开发者 https://www.devze.com 2023-04-11 05:44 出处:网络
I\'m writing an API where partners will ingest my content. There is no user data to speak of, and it\'s all-or-nothing access. I\'d eventually like to be ab开发者_JAVA百科le to restrict some partners

I'm writing an API where partners will ingest my content. There is no user data to speak of, and it's all-or-nothing access. I'd eventually like to be ab开发者_JAVA百科le to restrict some partners to certain elements of the site, but that's down the road.

Does a two-legged oAuth fit my needs well, or should I just provide an API key and a secret key to use in signing the requests? I feel like oAuth might be overkill.

Thanks!


This blog post is a little old, but has some good info.

http://blog.apigee.com/detail/do_you_need_api_keys_api_identity_vs._authorization/

It sounds like an API key would be your best bet for now...who knows, you may never need oAuth, but you could always migrate to it in the future.

0

精彩评论

暂无评论...
验证码 换一张
取 消