

Ask HN: How do you implement authentication in your REST API? - anujkk

I'm creating a web service that I want to expose as a REST API so that developers are able to create apps for it. I want them to be able to create/manage user accounts and authenticate using API. How will you handle this? OAuth or something else?
======
countessa
Well, I've got something similar that I've implemented client side certs on -
works well for our case, which is a private api where new clients are vetted
before they get to use the api.

------
gamache
I used https. Encrypted secrets go over the wire. Easier than OAuth for the
programmer, as long as you can spare the overhead for the SSL handshakes.

------
dworrad
In node.js I use everyauth library - it has support for many oAuth providers.

