I've developed an API. I got confused and I've been reading articles for days. Actually my question is close to these but not exact (maybe a combination of them);
Securing REST API that will accessed from different clients
Secure no-login REST API for very few clients
I need to provide safety to my API. The API will used by client 3rd party applications. I've attached a schema the below.
What should I do?
HTTP-Basic with SSL\TLS, HTTP-Digest with SSL\TLS, OAuth 2.0 [Client Credential, Authorization Code Grant or Implicit Grant] or what else should be?
Aucun commentaire:
Enregistrer un commentaire