Questions tagged [restful-authentication]

Questions about authentication for RESTful services.

Services designed using REpresentational State Transfer architecture must often authenticate clients. How best to do this can be a complex topic, as in true REST each client request to the server will contain all the information necessary to complete it (including authentication).

1447 questions
8 votes, 2 answers

How can I read Authorization header from a REST based WCF service?

How can I read Authorization header information from a REST based WCF service?
user27052
8 votes, 3 answers

Restful API authentication recommendation?

I am developing several RESTful APIs for 3rd parties to call, and these APIs need authentication (apikey & secret based), and authorization (HTTP method & URI based). Is there any existing software we can reuse that prevents me from rolling out our own…
Howard
8 votes, 4 answers

What is the best way to extend restful_authentication/AuthLogic to support lazy logins by an anonymous iPhone?

I'm building an iPhone application that talks to a Ruby on Rails backend. The Ruby on Rails application will also service web users. The restful_authentication plugin is an excellent way to provide quick and customizable user authentication.…
Kevin Elliott
8 votes, 2 answers

CSRF Token in REST API with authentication

I understood the purpose of the CSRF Token protection. However, I think this protection is useless and we should remove it in the case of a REST API requiring an authentication token in the header for each action. This way, even if Mallory forges a…
Zag zag..
8 votes, 1 answer

Securing MY REST API for use with MY IOS APP only

I am designing a REST API in Laravel to be used with my iOS app. Currently I am stuck on the following point: How to secure my REST API to allow access to ONLY my iOS app? I have read about HTTP Basic Authentication, HMAC, OAuth2. 1) Basic…
Alex Lacayo
8 votes, 2 answers

Add a logout button in RESTFUL authentication

I've installed RESTFUL authentication and everything seems to be working fine. I can sign up and log in. The only way I can log out is by typing in the URL http://localhost:3000/logout. How do I add a logout button on a page? I tried adding one to the…
pixeltocode
8 votes, 1 answer

Google App Engine: Endpoints authentication with ID and password

We have an HTML5 client accessing a Google Cloud Endpoints backend. We want to offer users a reasonable range of sign-in methods, e.g.: sign-in with an existing OpenID, or alternatively sign-up with an email and password. These seem like basic…
8 votes, 5 answers

How to handle security/authentication on a DNN-based web API

I am building a REST API for a DotNetNuke 6 website, making use of DNN's MVC-based Services Framework. However, I don't have any background in authentication, so I'm not even sure where to start. Basically, we want our clients to be able to make GET…
MysteriousWhisper
7 votes, 1 answer

OAuth REST access_token and instance_url expiry time?

I am working with OAuth 2.0. With that I was able to get the access_token and instance_url. Is there any expiry time for these two? Can I store them and use them for all my REST calls without getting a new access_token and instance_url? Is it…
7 votes, 1 answer

Securing Grails REST service for use with mobile applications

I am busy doing some research into using REST services with mobile applications and would appreciate some insight. The scenario is as follows. Consider a web application that provides a service to users. The web application will also be the main…
Nico Huysamen
7 votes, 4 answers

WCF 4.0 REST username password authentication

I have been struggling with username/password authentication/authorization in a WCF 4.0 RESTful service using the ASP.NET membership/role providers. Having spent two days trying to find something that most people agree on, I gave up. A lot of…
NVM
7 votes, 2 answers

Authentication with a REST API

I'm building a REST API in ASP.NET MVC. My system uses forms authentication. Username/password or OpenID/fbconnect, etc. If I have the [Authorize] attribute on an action, how would an Android app or a desktop app get access to the method? Or the…
Shawn Mclean
7 votes, 1 answer

Jersey JAX-RS + Spring security application sample

Does anyone have a sample application of what is described in this answer? User authentication on a Jersey REST service
MauroPorras
7 votes, 1 answer

cURL PHP RESTful service always returning FALSE

I am having some difficulties POSTing a JSON object to an API that uses REST. I am new to using cURL, but I have searched all over to try to find an answer to my problem but have come up short. My cURL request is always returning false. I know it…
stekrose
7 votes, 4 answers

Licenses and sessions the RESTful way

This question crossed my mind after I read this post: “Common REST Mistakes: Sessions are irrelevant”. If sessions are indeed discouraged in a RESTful application, how would you handle licenses in such an application? I'm specifically referring to…
LiorH