I am building a REST based api for my Android app. I use access tokens and basic header authentication currently. Any suggestions to improve the authentication process?
2
-
depends on tons of parameters. are you connecting with any social network? do you want to let users connect with external accounts, like oauth?njzk2– njzk22012-10-04 14:18:03 +00:00Commented Oct 4, 2012 at 14:18
-
I have my own apis, I want to ensure that the calls are coming only from my appVikram Kamath C– Vikram Kamath C2012-10-05 04:40:50 +00:00Commented Oct 5, 2012 at 4:40
Add a comment
|
2 Answers
I suggest to use the OAuth protocol to manage API authentication. You can read more about this protocol here: http://oauth.net/.
Comments
+1 ezimuel - "OAuth" is an excellent suggestion.
However, I was surprised to see the link Getting Started with the Tasks API and OAuth 2.0 on Android was deprecated.
Please check out these links:
Google Play Authorization: http://developer.android.com/google/play-services/auth.html (also uses OAuth 2.0)
Authenticating to OAuth 2.0 Services: http://developer.android.com/training/id-auth/authenticate.html
OAuth and REST in Android (1): http://simpleprogrammer.com/2011/05/25/oauth-and-rest-in-android-part-1/
OAuth and REST in Android (2): http://simpleprogrammer.com/2011/06/04/oauth-and-rest-in-android-part-2/
