How does User Authentication work with API?

[Harry Kautzman II]

There was mention that OAuth is a ways off, so what is the current user authentication mechanism to be able to validate the user and get permission to access their information?  

Some of the calls take an access_token which I'm guessing is a user access token to grab their data, but I didn't see mention of how to acquire the access_token in the api docs.

[Anthony Pelosi]

Harry,

Good question. Cloudmade used some internal web services we have for authenticating with the Magellan GPS user accounts to get the access_token when building the Magellan Active website. But we obviously need to produce a wrapper around those authentication services for 3rd party developers using the Magellan Active web services. Those internal web services for Magellan GPS user account authentication require username and password and return the access_token. So the user will have to provide you with their Magellan GPS username (email) and password in order for you to get their access_token. It looks like the username and password is passed as clear text in the xml request for that web service.

I will follow up after speaking with Cloudmade.

-- 

Anthony (Tony) Pelosi

Magellan GPS, Fitness Division

Product Development Lead

cell: 415-644-8969

office: 408-615-5177

fax: 408-615-5187

ape...@magellangps.com

--
You received this message because you are subscribed to the Google Groups "Magellan Active Developers" group.
To view this discussion on the web visit https://groups.google.com/d/msg/magellan-active-developers/-/JXUAIDNhDUkJ.
To post to this group, send email to magellan-acti...@googlegroups.com.
To unsubscribe from this group, send email to magellan-active-dev...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/magellan-active-developers?hl=en.