API Design: HTTP Basic Authentication vs API Token

走了就别回头了 2021-01-29 22:37

I'm currently creating an authentication system in front of a public web API for a web application. Given that each user account has an API key and each request must be authent

4 Answers
  •  天涯浪人
    2021-01-29 22:57

    Many times I had to think about how to authenticate users/requests onto APIs, and after comparing more solutions I ended up using Amazon's solution where I don't need or can't use OAuth. This solution is based on signatures that prevent "man in the middle" problems, as Basic Auth and passing a simple token are sending plain text data. Yes, you can add SSL, but this will add complexity to the system...
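
An added example, not part of the answer above: a minimal HMAC request-signing scheme of the kind the answer refers to, showing both the client and server side. It is a simplified illustration, not Amazon's actual signing algorithm; the key id, secret, path, canonical string layout and 5-minute skew window are all assumptions made for the example.

```python
import hashlib
import hmac
import time

# Constructed sample data: key id -> shared secret (hypothetical values).
API_SECRETS = {"key-123": b"constructed-demo-secret"}
MAX_SKEW_SECONDS = 300  # assumption: reject requests outside a 5-minute window


def canonical_string(method, path, body, timestamp):
    """Bind the signature to the method, path, timestamp and body hash."""
    body_hash = hashlib.sha256(body).hexdigest()
    return "\n".join([method.upper(), path, str(timestamp), body_hash]).encode()


def sign_request(secret, method, path, body, timestamp):
    """Client side: the secret stays local, only the MAC is sent."""
    msg = canonical_string(method, path, body, timestamp)
    return hmac.new(secret, msg, hashlib.sha256).hexdigest()


def verify_request(key_id, signature, method, path, body, timestamp, now=None):
    """Server side: recompute the MAC and compare in constant time."""
    now = time.time() if now is None else now
    secret = API_SECRETS.get(key_id)
    if secret is None:
        return False
    if abs(now - timestamp) > MAX_SKEW_SECONDS:
        return False  # stale or future-dated request: bounds the replay window
    expected = sign_request(secret, method, path, body, timestamp)
    return hmac.compare_digest(expected.encode(), signature.encode())


def demo():
    ts = 1_700_000_000  # constructed timestamp
    body = b'{"amount": 10}'
    args = ("POST", "/v1/orders")
    sig = sign_request(API_SECRETS["key-123"], *args, body, ts)
    return {
        "valid": verify_request("key-123", sig, *args, body, ts, now=ts + 5),
        "tampered_body": verify_request("key-123", sig, *args, b'{"amount": 9999}', ts, now=ts + 5),
        "replayed_late": verify_request("key-123", sig, *args, body, ts, now=ts + 3600),
        "unknown_key": verify_request("nope", sig, *args, body, ts, now=ts + 5),
    }


if __name__ == "__main__":
    print(demo())
```

The signature keeps the secret off the wire and detects modification of the signed fields; it does not encrypt the request, so the body and headers remain readable to anyone on the path unless TLS is also used.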
