Security in Web service API
3 points by hoangvukenshin 3515 days ago
Hi everybody, currently I'm building a website service which provides an API for the native app, and I'm considering some solutions for security like base auth and token. Can you suggest some solutions for it? Thank you so much.
2 comments

First, secure (SSL) and verify the certificate on the mobile app. Make sure no MITM can read your response/request.

For auth, my favorite auth is twofold:

For API access => Signature-based verification, signing each and every request using a known signature algorithm with the secret key (only known to you and the app developer).

For users => Token-based authentication (lots of open source solutions out there).

Curious what you have considered already.
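
The per-request signing described in the comment above, as an added example that is not part of the original thread. The comment only says "a known signature algorithm"; HMAC-SHA256, the signed-string layout, the 5-minute freshness window, the nonce cache and all names here are assumptions.

```python
import hashlib
import hmac

MAX_SKEW_SECONDS = 300  # assumption: accept requests at most 5 minutes old


def sign_request(secret, method, path, timestamp, nonce, body):
    """Client side: HMAC-SHA256 over every request part that must not change."""
    body_hash = hashlib.sha256(body).hexdigest()
    msg = "\n".join([method.upper(), path, str(timestamp), nonce, body_hash])
    return hmac.new(secret, msg.encode(), hashlib.sha256).hexdigest()


class RequestVerifier:
    """Server side: checks freshness, replay and signature for one API key."""

    def __init__(self, secret):
        self.secret = secret
        self.seen_nonces = {}  # nonce -> timestamp; use a shared store in production

    def verify(self, method, path, timestamp, nonce, body, signature, now):
        if abs(now - timestamp) > MAX_SKEW_SECONDS:
            return "stale"
        # Forget nonces whose timestamp the freshness check would reject anyway
        self.seen_nonces = {n: t for n, t in self.seen_nonces.items()
                            if abs(now - t) <= MAX_SKEW_SECONDS}
        if nonce in self.seen_nonces:
            return "replay"
        expected = sign_request(self.secret, method, path, timestamp, nonce, body)
        # compare_digest avoids leaking the match position through timing
        if not hmac.compare_digest(expected.encode(), signature.encode()):
            return "bad-signature"
        self.seen_nonces[nonce] = timestamp  # only record authenticated requests
        return "ok"


def demo():
    """Constructed sample request: valid, replayed, tampered body, and stale."""
    secret = b"constructed-demo-secret"
    body = b'{"amount": 10}'
    sig = sign_request(secret, "POST", "/v1/orders", 1000, "n-1", body)
    v = RequestVerifier(secret)
    return [
        v.verify("POST", "/v1/orders", 1000, "n-1", body, sig, now=1010),
        v.verify("POST", "/v1/orders", 1000, "n-1", body, sig, now=1020),
        v.verify("POST", "/v1/orders", 1000, "n-2", b'{"amount": 99}', sig, now=1020),
        v.verify("POST", "/v1/orders", 1000, "n-3", body, sig, now=2000),
    ]
```

Because the signature covers the method, path, timestamp, nonce and body hash, changing any of them in transit invalidates the request, and the nonce plus timestamp keep a captured request from being accepted twice.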