I'm writing an API where partners will ingest my content. There is no user data to speak of, and it's all-or-nothing access. I'd eventually like to be ab开发者_JAVA百科le to restrict some partners to certain elements of the site, but that's down the road.
Does a two-legged oAuth fit my needs well, or should I just provide an API key and a secret key to use in signing the requests? I feel like oAuth might be overkill.
Thanks!
This blog post is a little old, but has some good info.
http://blog.apigee.com/detail/do_you_need_api_keys_api_identity_vs._authorization/
It sounds like an API key would be your best bet for now...who knows, you may never need oAuth, but you could always migrate to it in the future.
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论