API Key
13 views
Skip to first unread message
Leon Barrett
Aug 12, 2011, 4:49:04 AM8/12/11
to Beanstalk API Developers
Hi Guys,
With all the great activity going on around the use of the API, do we
think now would be a good time to introduce another method of
authentication such as an API key?
I was thinking something like an api send as part of a HTTP header
with each request?
Just an idea?
Thanks,
Leon
With all the great activity going on around the use of the API, do we
think now would be a good time to introduce another method of
authentication such as an API key?
I was thinking something like an api send as part of a HTTP header
with each request?
Just an idea?
Thanks,
Leon
Björn
Aug 12, 2011, 5:17:45 AM8/12/11
to Beanstalk API Developers
I totally agree with you. Its awkward to use my actual login with
basic authentication. The API should provide its own means of
authentication.
An api key or token is more common. Have a look at http://developer.37signals.com/basecamp/
. I really like their approach. The token is enabled in your account
settings. You can always generate a new token if you believe your
token was compromised. No need to change my actual password. The token
is used with basic authentication. Just use the token as username and
write whatever you like for the password.
basic authentication. The API should provide its own means of
authentication.
An api key or token is more common. Have a look at http://developer.37signals.com/basecamp/
. I really like their approach. The token is enabled in your account
settings. You can always generate a new token if you believe your
token was compromised. No need to change my actual password. The token
is used with basic authentication. Just use the token as username and
write whatever you like for the password.
Alex Hillman
Aug 15, 2011, 4:26:47 PM8/15/11
to beanstalkapp-...@googlegroups.com
Hey Gang,
We're going to take a look at options for this. We'll be in touch soon. Thanks for prompting the discussion!
-Alex
/ah
wildbit.com
--
You received this message because you are subscribed to the Google Groups "Beanstalk API Developers" group.
To post to this group, send email to beanstalkapp-...@googlegroups.com.
To unsubscribe from this group, send email to beanstalkapp-api-de...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/beanstalkapp-api-developers?hl=en.
Björn
Aug 18, 2011, 4:00:45 AM8/18/11
to Beanstalk API Developers
Here is how its done at Amazon S3.
http://docs.amazonwebservices.com/AmazonS3/latest/dev/index.html?RESTAuthentication.html
They use a HMAC-SHA1 authentication schema. Parts of the requests are
hashed as well. This way every request has a different signature
(hash).
On Aug 15, 10:26 pm, Alex Hillman <dangerouslyawes...@gmail.com>
wrote:
http://docs.amazonwebservices.com/AmazonS3/latest/dev/index.html?RESTAuthentication.html
They use a HMAC-SHA1 authentication schema. Parts of the requests are
hashed as well. This way every request has a different signature
(hash).
On Aug 15, 10:26 pm, Alex Hillman <dangerouslyawes...@gmail.com>
wrote:
> Hey Gang,
>
> We're going to take a look at options for this. We'll be in touch soon.
> Thanks for prompting the discussion!
>
> -Alex
>
> /ah
> wildbit.com
>
>
> We're going to take a look at options for this. We'll be in touch soon.
> Thanks for prompting the discussion!
>
> -Alex
>
> /ah
> wildbit.com
>
Chris Barr
Aug 18, 2011, 3:40:26 PM8/18/11
to Beanstalk API Developers
I think the Amazon S3 authentication would be a little overkill for
use here - and can be quite a down-right pain to use at times.
But I would welcome some sort of API key potentially resembling
Basecamp's method.
Chris
On Aug 18, 9:00 am, Björn <raupach.bjo...@googlemail.com> wrote:
> Here is how its done at Amazon S3.http://docs.amazonwebservices.com/AmazonS3/latest/dev/index.html?REST...
use here - and can be quite a down-right pain to use at times.
But I would welcome some sort of API key potentially resembling
Basecamp's method.
Chris
On Aug 18, 9:00 am, Björn <raupach.bjo...@googlemail.com> wrote:
> Here is how its done at Amazon S3.http://docs.amazonwebservices.com/AmazonS3/latest/dev/index.html?REST...
Reply all
Reply to author
Forward
0 new messages