by alex_duf 3081 days ago
I would agree, always start simple - unless you manipulate sensitive data - a shared secret is a good place to start (api-key or basic/digest auth).

You can always introduce other forms of authentication later. I have a slight preference for basic/digest auth as the secret isn't part of the URL, and therefore not cached/logged by any network equipment.

1 comment

The api-key does not need to be part of the URL; you can also put it in the Authorization header.

edit: typo
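
The logging concern raised in this thread, as an added example that is not part of either comment: a scanner that finds access-log lines where a key was sent in the query string and redacts it. The parameter-name list, the combined-style log format and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl, urlencode

# Query parameter names treated as credentials (assumed list, extend per API).
SECRET_PARAMS = {"api_key", "apikey", "api-key", "key", "token", "access_token"}

# Request line inside an access log entry: "METHOD target HTTP/x.y"
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) (?P<proto>HTTP/[\d.]+)"')

def redact_target(target):
    """Return (redacted_target, leaked_param_names) for one request target."""
    parts = urlsplit(target)
    leaked, kept = [], []
    for name, value in parse_qsl(parts.query, keep_blank_values=True):
        if name.lower() in SECRET_PARAMS and value:
            leaked.append(name)
            value = "REDACTED"
        kept.append((name, value))
    return parts._replace(query=urlencode(kept)).geturl(), leaked

def scan(lines):
    """Yield (line_no, leaked_names, redacted_line) for lines exposing a secret."""
    for no, line in enumerate(lines, 1):
        m = REQUEST_RE.search(line)
        if not m:
            continue
        target, leaked = redact_target(m.group("target"))
        if leaked:
            yield no, leaked, line[:m.start("target")] + target + line[m.end("target"):]

# Constructed sample log lines (not from the thread). The second request
# authenticates via a header, so nothing secret reaches the request line.
SAMPLE = [
    '203.0.113.7 - - [01/Jan/2024:10:00:00 +0000] "GET /v1/items?api_key=EXAMPLEKEY123&page=2 HTTP/1.1" 200 512',
    '203.0.113.7 - - [01/Jan/2024:10:00:01 +0000] "GET /v1/items?page=2 HTTP/1.1" 200 512',
    '203.0.113.9 - - [01/Jan/2024:10:00:02 +0000] "POST /v1/orders?Token=EXAMPLETOKEN HTTP/1.1" 201 64',
]

if __name__ == "__main__":
    for no, names, redacted in scan(SAMPLE):
        print(no, names, redacted)
```

Any key the scanner finds has already been written to disk in clear text and should be rotated, not just redacted.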