Author Archives: John Sheehan

About John Sheehan

John Sheehan is a co-founder of Runscope and formerly of IFTTT and Twilio. John is also the creator of API Jobs, API Digest and co-host of Traffic and Weather - the API & cloud podcast. You can follow him on Twitter or App.net.

Authentication: Don’t be Clever

HTTP API authentication has evolved through many forms over the years. As so-called RESTful APIs gained popularity, a variety of methods sprung up: key passing, plain-old HTTP Basic Auth, OAuth 1.0, OAuth 1.0a, OAuth 2.0 (and it’s 40 revision) and some less-common custom schemes. With the OAuth 2.0 specification finalized, things are finally starting to settle down and coalesce around a single auth mechanism. For publicly-available APIs, OAuth 2.0 should be on your list of requirements.

Continue reading “Authentication: Don’t be Clever” »