Creating an API only for my own mobile apps. Do I need OAuth?

为君一笑 提交于 2020-01-14 03:03:35

问题


I am about to create mobile applications (iOS, android, ..) to support existing web application and now thinking how to provide a secure API (ASP.Net Web API) from my web to our mobile apps.

OAuth seems the best way to do it. From what I understand, it is designed to enable 3rd party applications written against our API. But I only use the web services just for my own apps.

Do I need to go with OAuth, or is there any simple way?


回答1:


There is a 2 legged version of OAuth that is designed for 2 party security. That said you don't need to use OAuth. A REST service is basically just an HTTP service so you can use any HTTP authentication you like, even basic authentication will work just fine. Just remember to use HTTPS to protect your passwords on the wire.



来源:https://stackoverflow.com/questions/9789685/creating-an-api-only-for-my-own-mobile-apps-do-i-need-oauth

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!