|
|
|
|
|
|
by brianshaler
3071 days ago
|
|
|
> password entered encrypts and stores that on disc, then each time it wants to talk to us it can decrypt its password. Is there a reason you don't want to use tokens? Upon authenticating once (admin, manually), the web service would generate a token, which it would store and potentially have to revoke. With something like OAuth, the token could be more temporary and automatically replaced during each use, to avoid having one secret (whether it be a password or token) that could be leaked and used by multiple clients. |
|
|