Ranter
Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Comments
-
nitnip18134yCan't you tell who's using the website through some form of authentication? If so, you could assign roles or permissions to each client that allow them to use parts of your api.
-
nitnip18134y@BitByteBoolean maybe by "auth" they just mean having to log in manually. Just passing a token in a header might not feel like "auth" to them.
You need to have a way to tell your users apart. -
@nitnip uh any good resource for me to look on this token thing, or could you explain ? I know it was just "no log in auth" so if it can be done without i guess it is fine 👍👌
-
nitnip18134yIt's too broad a subject and I'm no expert. You can implement it in many ways.
Maybe you need every query to your site/api to have a certain key:value pair in the header.
Or maybe as a query string value. ( /get-customers/?customer_id=1&token=21kjh3jk21h3jk21h3kjh)
Related Rants
I'm making a distributed system for my exam project, but the client have a weird idea when it comes to the webpage, that we havent learned about...
If customer A (my clients customer) opens client.com/Customer, an API should be used for customer A's DB data retrieval
If customer B uses the same site customer B's API should be used instead...
Any good way to differentiate API update a single API connection by the caller of the website?
question
distributed systems
help
c#
javascript
html
project
api
js
distribution
css
exam