Reputation: 6901
How to secure web service api using OAuth 2.0 step by step in php
I have developed REST web service api in PHP and now I would like to secure it using OAuth 2.0. Basically I would like to provide token based access to the user who is accessing the web service api.
My application will be signed using Open Ids (Facebook, Twitter & Google+), I will get basic details like consumer_secret and ids from the open ids.
I have few queries :-
1) Do I need to create tables in my MySQL database and create token and store it with timestamp? And then whenever any user calls the api, we first check the token is valid or not and after that grant access to api.
Upvotes: 1
Views: 969
Answers (1)
Reputation: 36
Yes you will need to do that, but implement a OAuth server is a lot of work, better choose an existing package like https://github.com/bshaffer/oauth2-server-php or http://oauth2.thephpleague.com/
Upvotes: 2
Related Questions
- Create secure API communication
- Gotomeeting php api(oauth) implementation
- Web Service Authentication - PHP
- Implementing OAuth to REST API
- How to secure a php based webservice
- Web API Security
- How to develop api with oAuth2 step by step code
- Secure Web services with Oauth in PHP
- How Can I Authenticate Users of my API
- Securing a REST API