[openspending-dev] api key

• Previous message: [openspending-dev] api key
• Next message: [openspending-dev] Exporting an aggregation as CSV
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On mán 9.sep 2013 15:23, Nick Stenning wrote:
> Yep. As suggested below, it's not immediately obvious to me that there's really a need for a shared process for issuing/checking API keys. It's typically only a few lines of code, and is usually much easier to get right than the standard litany of password reset, email login links, etc etc.  

Well it might be easier but there are still things you need to think
about (if you're generating api keys you will need for example
regeneration of keys or if you want OAuth for authentication you'll need
to implement all that stuff (or understand a library that does that) and
store client access things).

So I would love if a central authentication service which would use
OAuth (or something else). The only thing I would have to know is what I
should to with the access token I get in order to get it verified.

That's why I would vote for a complete central authentication service
(for both login and api).

-- 

Tryggvi Björgvinsson

Technical Lead, OpenSpending

The Open Knowledge Foundation <http://okfn.org>

/Empowering through Open Knowledge/

http://okfn.org/ | @okfn <http://twitter.com/OKFN> | OKF on Facebook
<https://facebook.com/OKFNetwork> | Blog <http://blog.okfn.org/> |
Newsletter <http://okfn.org/about/newsletter>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.okfn.org/pipermail/openspending-dev/attachments/20130912/d9195e81/attachment.html>

• Previous message: [openspending-dev] api key
• Next message: [openspending-dev] Exporting an aggregation as CSV
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]