I want to develop an in house REST API for a web application with the view of opening it up the public in time. Knowing fully well that once the api is accessible in the public space, the need for authentication comes in. This api is to be built on codeigniter using phil sturgeon REST library for codeigniter. So how do i implement an authentication system like Oauth in my api like twitter,facebook, etc do. I would appreciate if you point me to the right resources. Thanks
2
-
Did you implement this? I'm thinking about doing something similar and want to see how you ended up implementing your solution.Adam Mendoza– Adam Mendoza2015-03-23 01:30:53 +00:00Commented Mar 23, 2015 at 1:30
-
Check out php league's oAUTH packageMrFoh– MrFoh2015-03-23 05:46:54 +00:00Commented Mar 23, 2015 at 5:46
Add a comment
|
1 Answer
First you need to figure out who you authenticate and what is being authorized. In a typical OAuth case you'll have applications (with credentials: id/secret) being authenticated. Also optionally you will authenticate users (with username/password) and ask them if they authorize the application to perform the action.
Next you need to decide which actions (in case of REST, resources) need to be protected.
And lastly choose between Oauth 1.0 and 2.0, since they are quite different.
Those are most important things that relate to any OAuth project, regardless of implementation.
Comments
