Welcome Guest, Not a member yet? Register   Sign In
Best way to implement public access token
#1

Hello CodeIgniters!
I am just getting started on my journey using CodeIgniter. So far, I LOVE it!
I am creating a RESTful API. This is the first RESTful API I have ever created so I am new to that as well.
I will have 2 websites.
  • 1st site: users can create account, login, access portal
  • 2nd site: will be the actual API
Both websites will have a separate database. I want the API database by itself.

I need to make sure that API requests are made only by registered clients.

I was thinking that in the main website database I can store the username, password, email, and a public API key (to link it to their account). In the API database, I can store the username and the public API key so that it's accessible for verification.

The main website can make a call to the API to insert the username and API key that is linked to the account on the main website.

Is this the best way to do this? If so, how can I verify a valid API key is supplied in the request? Should I make it part of the JSON get/post request that is sent to the API then before processing the request, make sure the API key is valid?

I'm open to any suggestions or different implementation ideas.
Reply
#2

You can read this article should help you out.

PHP cURL API calls with authentication (REST GET POST)
What did you Try? What did you Get? What did you Expect?

Joined CodeIgniter Community 2009.  ( Skype: insitfx )
Reply
#3

best way is jwt token
Enlightenment  Is  Freedom
Reply
#4

(10-24-2021, 09:27 AM)paliz Wrote: best way is  jwt token

Is there a way to use JWT in that way? Where the user doesn't have to "login," but just supplies an access token?
Reply




Theme © iAndrew 2016 - Forum software by © MyBB