Security of Web API

Question

Security of Web API

stevej

Hi,

I'm integrating the LimeLM Web API into our cloud backoffice app and I'm a bit concerned the only security seems to be SSL and the api_key.

Am I being overly concerned or is there some additional security I can apply? (Basic, Oauth1.0/2.0??

CheersSteve

Aug 27, 2015

Wyatt O'Day · Answer 1 · 2015-08-27T14:20:56Z

HTTP Basic Auth / Oauth 1 or 2 and the dozen or so spinoffs provide no useful benefit over an API key over HTTPS, especially for the use case of the web API.

Just a few things you should note: an API key should never be embedded inside an app that the customer will have access to the binary and/or source code.

But other than that you'll be fine.

LimeLM
Overview Pricing & Sign up Why LimeLM? Tour Log in Help
wyBuild
Overview Pricing & Buy Features What's new Help
Support forum
wyDay blog
wyDay Home
Downloads Buy Contact us Careers

Guest name
Youʼre not logged-in, but you can still post as a guest.

Email