Questions tagged [restful-authentication]

Questions about authentication for RESTful services.

Services designed using the REpresentational State Transfer (REST) architecture must often authenticate clients. How best to do this can be a complex topic, because in true REST each client request to the server contains all the information necessary to complete it (including authentication).

1447 questions
24 votes, 6 answers

rails - InvalidAuthenticityToken for json/xml requests

For some reason I'm getting an InvalidAuthenticityToken when making post requests to my application when using json or xml. My understanding is that rails should require an authenticity token only for html or js requests, and thus I shouldn't be…
Optimate
24 votes, 2 answers

RESTful authentication for web applications

I already wrote this observation and question on this question earlier, but only later noticed that it was an old and "dead" question. As I'd really like some insights from others, I'm reposting it as a new question. To the question of how to do…
skrebbel
23 votes, 3 answers

Spring Security Token Authentication - RESTful JSON Service

I'm looking to use Spring Security for a Spring MVC application which will strictly be a JSON web service. I've done some research and read a few articles but haven't really found anything complete. I want the application to be completely stateless…
greyfox
22 votes, 1 answer

How to serve HLS streams from S3 in secure way (authorized & authenticated)

Problem: I am storing number of HLS streams in S3 with given file structure: Video1 ├──hls3 ├──hlsv3-master.m3u8 ├──media-1 ├──media-2 ├──media-3 ├──media-4 ├──media-5 ├──hls4 ├──hlsv4-master.m3u8 …
22 votes, 2 answers

how to authenticate RESTful API in Laravel 5?

How to authenticate RESTful API in Laravel 5? I am using Laravel 5 to build a RESTful API & I want to use those API for mobile application. I have also seen http://laravel.com/docs/5.0/authentication but not getting any related example so, please…
Vaibhav
22 votes, 3 answers

Implementing an RESTful API Authentication using tokens (Yii/Yii2)

I am building an API in Yii 1.x which will be used with a mobile application. Part of the process involves a login (with a username and password) using the following JSON request below:- // Request sent with username & password { "request" : { …
Zabs
21 votes, 3 answers

Where do I need to use JWT?

The structure and protocol aside, I was wondering where JWT fits into client/server communication? Is it here to replace authentication and session cookies? Is it here to relieve servers of storing session tokens in a database or memory? Is it for…
el_shayan
21 votes, 2 answers

How to protect a Web API using ASP.NET 5 MVC 6

I have a nice ASP.NET 5 / MVC 6 app up and running. Essentially for this purpose it is just the normal sample app you get when you start a new project to keep it simple. So far I can: Register a user Login Logout Protect a page (forcing login…
20 votes, 1 answer

Adding Headers and Post data in RESTfull/HTTP Request in C#

I'm having problems with sending POST request in C# and it seems I misunderstood some HTTP basics. So basically I'm implementing RESTfull service client, which work as follows: Make POST request with username/password and get token Use this token…
Azho KG
19 votes, 3 answers

Identity Server(OAuth2) implementation with integration to legacy systems(Forms Auth, ADFS,AD)

We are currently building a RESTful API(.Net Core, IdentityServer 4, EF6). We have released an MVP version of it. It also references a WCF service. This WCF service orchestrates all other calls to other internal (Legacy systems) and other…
19 votes, 2 answers

How do you prevent brute force attacks on RESTful data services

I'm about to implement an RESTful API to our website (based on WCF data services, but that probably does not matter). All data offered via this API belongs to certain users of my server, so I need to make sure only those users have access to my…
Adrian Grigore
18 votes, 2 answers

Why is my spring boot stateless filter being called twice?

I'm trying to implement stateless token-based authentication on a rest api I've developed using Spring Boot. The idea is that the client includes a JWT token with any request, and a filter extracts this from the request, and sets up the…
Ric
17 votes, 4 answers

Salesforce REST API Login?

I am examining a sample which is in the salesforce developer site. In that sample when we click a link it will be redirected to the salesforce login page. If the login is successful, then an access token is issued. I don't want my application to…
17 votes, 1 answer

Exposing Rails/Devise Authentication to iOS application

I have a rails 3.1 application that uses Devise for Authentication with a simple User model with email,password etc. I need to be able to authenticate from an iphone application. How do I expose this functionality? Broad answers are fine as I am not…
Undistraction
17 votes, 2 answers

Getting Access to HttpServletRequest object in restful web service

I can get access to the HttpServlet Request object in a soap web service as follows: Declaring a private field for the WebServiceContext in the service implementation, and annotate it as a resource: @Resource private WebServiceContext context; To…
Surya