Hello to anyone out there!! I've just gotten back from RESTFest and it was a really great experience-- everyone there was really nice and I learned a lot, so if you're at all interested in REST/hypermedia, I highly recommend going next year!!
I talked a bit about adding ALPS to
rstat.us and I'd love any feedback anyone has :)
http://vimeo.com/49613736I'd also like to propose a few extensions/modifications to the ALPS microblogging spec based on my experiences, and the first one I'd like to offer up for discussion is to allow OAuth to be used for authentication. The spec currently states:
"Servers MAY require clients to support
HTTP Authentication (BASIC or DIGEST) for some requests."
and I'd like to propose some variant of:
"Servers MAY require clients to support OAuth Authentication (1.0 (RFC 5849 [1]) or latest rev of 2.0 [2]) for some requests."
I realize there are issues with OAuth [3], but it's becoming a common strategy for authenticating through APIs. Thoughts???
Thanks,
Carol
[1] -
https://tools.ietf.org/html/rfc5849[2] -
https://tools.ietf.org/html/draft-ietf-oauth-v2-31[3] -
http://hueniverse.com/2012/07/oauth-2-0-and-the-road-to-hell/