Questions tagged [restful-authentication]

Questions about authentication for RESTful services.

Services designed using REpresentational State Transfer architecture must often authenticate clients. How best to do this can be a complex topic, as in true REST each client request to the server will contain all the information necessary to complete it (including authentication).

1447 questions
9
votes
1 answer

Asp.Net Web Api Token Based Authorization WITHOUT OWIN and AspNet.Identity

I am planning to use the codes below for my web api security but I am not sure that is a safe enough and logical way. I don't want to use OWIN and AspNet.Identity because it's very complicated for me and I don't understand completely and I don't know…
9
votes
1 answer

Add Authentication to ASP.NET WebApi 2.2

I have created a WebApi 2.2 project (from an Empty New ASP.NET Project) to prove some implementation concepts and I now want to add Authentication to it. I notice that the only way to add Authentication on a new WebApi app is to use one of the (VS…
lukkea
9
votes
2 answers

How to authenticate client on multiple OAuth2 providers?

My REST API (api.example.com) is currently an OAuth2 provider and has been the support of a mobile app. Recently we have created a new web-site (www.example.com) which will be treated like any other client. The web can authenticate on the API by…
9
votes
4 answers

REST client that can handle login via oauth

I am working as a tester on a system based on a Rest API. Part of my job is to use different applications to POST files to the Rest API and then accessing the API directly via a Rest Client to verify that the XML is correct. So far I have been using…
Jonas Söderström
9
votes
5 answers

RESTful user authentication service

Hey folks, this seems to have been discussed fairly often but I want to make a simple, watered down question around doing authentication with RESTful services. The scenario is as follows: There is a system that houses registered users for an…
djunforgetable
8
votes
3 answers

RESTful Service Authentication

As per REST spec, the service is supposed to be stateless; but then it becomes difficult to enable authentication. Some of the stuff I have read said "making REST stateful is not end of the world". But that's not the point, the point is to follow…
jsf
8
votes
1 answer

Ruby on Rails functional testing with the RESTful Authentication plugin

I started writing functional tests for my rails app today. I use the RESTful authentication plugin. I ran into a couple confusing things I hope someone can clarify for me. 1) I wrote a quick login function because most of the functions in my rails…
Tony
8
votes
1 answer

Securing RESTapi in flask

The app I'm deving uses a lot of ajax calls. Unfortunately I hit a snag when researching on how to restrict access to the api. For example: I have a table that does an ajax call to http://site/api/tasks/bob. I need to make sure that only bob, logged…
pocorschi
8
votes
2 answers

What are the pros and cons of Basic HTTP authentication

I have created a REST API that uses Basic HTTP authentication. It is restricted to SSL only. Now that it is implemented I am hearing criticisms that Basic HTTP over SSL is not secure. It would be detrimental to the project for me to "stop the press"…
8
votes
4 answers

Postman: set Environment Variable

I have a POST call in Postman that returns this JSON object: { "token":…
8
votes
1 answer

REST API: Simple token-based authentication - security?

I have a REST API and I'm looking for an easy way to do a secure token-based authentication. Since I've read that protocols like OAuth are very complex, I'd like to implement a simpler way. What are the common approaches? And what about the security…
Sebastian S
8
votes
3 answers

Authentication with Kong

I'm looking at Kong to replace my current hand-rolled NodeJS API gateway. Currently I have a user service that handles authentication (written in Django) by providing a JWT back upon login, which the client then passes in through a header. My…
8
votes
2 answers

Rest Assured - Cannot serialize because cannot determine how to serialize content-type

I am using Rest Assured for testing API. When I post a request for authentication, the error occurs to say that: "java.lang.IllegalArgumentException: Cannot serialize because cannot determine how to serialize content-type…
Tri Nguyen
8
votes
2 answers

Rails Web service with authentication??? User logged in ??

Any idea how I would go about having a rails REST web service where a user can only get, put, post, delete only their own data? I am using Devise as my user authentication gem, but I am not sure if this handles things in a RESTful manner. How would…
8
votes
1 answer

Codeigniter, Restful API & How to use Keys

I am using Phil Sturgeon's & Chris Kacerguis Restful server (visit here https://github.com/chriskacerguis/codeigniter-restserver) and have a general question about the use of API KEYS. I am very new to APIs and the concepts. How do KEYS work? …
spreaderman