Web api authentication techniques

Posted by Steve on Programmers See other posts from Programmers or by Steve
Published on 2011-01-12T18:02:21Z Indexed on 2011/01/12 18:58 UTC
Read the original article Hit count: 258

Filed under:
|
|
|
|

We have a asp.net MVC web service framework for serving out xml/json for peoples Get requests but are struggling to figure out the best way (fast, easy, trivial for users coding with javascript or OO languages) to authenticate users. It's not that our data is sensitive or anything, we just want users to register so we can have their email address to notify them of changes and track usage.

In our previous attempt we had the username in the URI and would just make sure that username existed and increment db tables with usage. This was super basic but we'd notice people using demo as a username etc so we need it to be a little more sophisticated.

What authentication techniques are available? What do the major players use/do.

© Programmers or respective owner

Related posts about security

Related posts about api