Where to Perform Authentication in REST API Server?
- by David V
I am working on a set of REST APIs that needs to be secured so that only authenticated calls will be performed. There will be multiple web apps to service these APIs. Is there a best-practice approach as to where the authentication should occur?
I have thought of two possible places.
Have each web app perform the authentication by using a shared…