I've created a small wishlist project.
I want to serve an API for users, who have an API key.
My webserver runs on TLS (HTTPS). Is it safe for users to send the API key in the clear in the HTTP headers like that?
curl -H "Authorization: api_key MY_APP_API_KEY" https://myapp.example.com
Otherwise, what should I use?
I would like not to use OAuth2, which is too complex for my little project.
CodePudding user response:
Yes, it is perfectly safe. HTTPS encrypts all message contents, including the HTTP headers and the request/response data.
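
A server-side check for the `Authorization: api_key ...` header from the question, as an added example that is not part of the original posts: it rejects requests that did not arrive over HTTPS, keeps only SHA-256 digests of issued keys, and compares digests in constant time. The function names, the in-memory `store` dict and the lower-cased header names are assumptions for illustration.

```python
import hashlib
import hmac
import secrets

SCHEME = "api_key"  # scheme word taken from the curl command in the question


def digest(key: str) -> str:
    """SHA-256 hex digest; suitable for long random keys, not for passwords."""
    return hashlib.sha256(key.encode("utf-8")).hexdigest()


def issue_key(store: dict, user: str) -> str:
    """Create a random key, keep only its digest, return the key once."""
    key = secrets.token_urlsafe(32)
    store[digest(key)] = user  # the raw key is never stored server-side
    return key


def authenticate(headers: dict, store: dict, is_https: bool):
    """Return the owning user for a valid request, otherwise None.

    headers: request headers with lower-cased names (assumed to be
    normalised by the web framework in front of this function).
    """
    if not is_https:
        return None  # a key sent over plain HTTP is not protected in transit
    parts = headers.get("authorization", "").split()
    if len(parts) != 2 or parts[0].lower() != SCHEME:
        return None  # missing header, wrong scheme, or malformed value
    presented = digest(parts[1])
    user = None
    # Check every stored digest; each comparison runs in constant time.
    for stored, owner in store.items():
        if hmac.compare_digest(stored, presented):
            user = owner
    return user
```

Because only digests are stored, a leaked copy of `store` does not reveal usable keys; a key that leaks on the client side still has to be revoked by deleting its digest.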
