Endpoint is a conference organized by API developers, for API developers. The conference will be held in Amsterdam on September 5, 2014. If you develop APIs for apps, websites or other clients, there’s certainly a session that will interest you.
To give you a feeling of what to expect at the Endpoint conference we’ve talked with Kamyar Mohager, who will be in Amsterdam representing Linkedin. Kamyar will be delivering the opening keynote on September 5 at 9:00 so make sure you don’t miss it.
Tictail, a Swedish e-commerce platform that manages over 24,000 stores spread across 110 different countries, launched their API on September 16, 2013. Because Tictail’s main focus is simplicity of use, they decided to offer developers the same tools they use internally to build this new platform. According to Carl Waldekranz, Tictail CEO, they “want developers to have that same opportunity as [the company] continues to grow internationally.”
So many negatives have been brought forth in the past on OAuth 2. Where there might be continuing points of contention, there is one area which seems to be clear: the “Resource Owner Password Credentials Grant” (OAuth 2 Spec, section 4.3) pattern as defined in the OAuth 2 spec is fundamentally superior to HTTP Basic authentication.
HTTP API authentication has evolved through many forms over the years. As so-called RESTful APIs gained popularity, a variety of methods sprung up: key passing, plain-old HTTP Basic Auth, OAuth 1.0, OAuth 1.0a, OAuth 2.0 (and it’s 40 revision) and some less-common custom schemes. With the OAuth 2.0 specification finalized, things are finally starting to settle down and coalesce around a single auth mechanism. For publicly-available APIs, OAuth 2.0 should be on your list of requirements.