Reputation: 1632
How to provide application-wide authorization to HTTP JSON API for consume it within the browser?
I'm currently working in HTTP JSON API for a touristic webapp. The webapp will be developed by a third-party company and it'll consume the API within the browser.
So I need for the API some sort of authentication to the third-party webapp can consume it. I've been researching a little bit about OAuth, but with this, I have a solution for a user-wide but not for application-wide authorization.
Because the webapp will consume the API within the browser(with Ajax), I'm concerned they will have to put the credentials to consume the API in the user browser.
Another solution would be place the credentials for the API in the server-side, but this don't depend on me.
Upvotes: 2
Views: 611
Answers (1)
Reputation: 15160
You could always use something similar to google's method, with a client ID and then a private key used to generate a signature.
https://developers.google.com/maps/documentation/business/webservices#generating_valid_signatures
That page has some code samples as well.
Upvotes: 1
Related Questions
- How do you Authorize a Web API Controller in ASP Net Core
- how to authenticate to external rest url in web api
- Authorization in Restful apis
- How to consume a secure Rest MVC web api
- Authenticating HTTP requests to my web service
- Authorization of Web Api
- How do I achieve authorization with asp.net-web-api?
- ASP.NET Web API and Authorization
- How to implement Authentication and Authorization for my Web API web service?
- How to do a webservice using json with auth?