Revisions to REST API Login Pattern

I suggest replacing the [api] tag with [restapi]. The [api] tag-wiki - https://stackoverflow.com/tags/api/info - explicitly says "DO NOT USE". Also see the [restapi] tag-wiki - https://stackoverflow.com/tags/restapi/info, "Use this tag if your question involves a REST API you are building or using".

Link

edit approved Mar 24, 2021 at 4:48

Henke

5.9k
6
41
54

Question Protected by Ashwini Chaudhary

occurred Oct 3, 2013 at 10:22

Notice removed Authoritative reference needed by Scott Roepnack

occurred Dec 26, 2012 at 19:58

Bounty Ended with Akim's answer chosen by Scott Roepnack

occurred Dec 26, 2012 at 19:58

Notice added Authoritative reference needed by Scott Roepnack

occurred Dec 19, 2012 at 17:03

Bounty Started worth 50 reputation by Scott Roepnack

occurred Dec 19, 2012 at 17:03

updated wiki tags

Link

edited Dec 17, 2012 at 16:05

Scott Roepnack

2.7k
5
22
36

api rest design-patterns

Rollback to Revision 1

Source Link

edited Dec 17, 2012 at 15:43

Scott Roepnack

2.7k
5
22
36

I am creating a REST api, closely following apigee suggestions, using nouns not verbs, api version baked into the url, two api paths per collection, GET POST PUT DELETE usage, etc.

I am working on the login system, but unsure of the proper REST way to login users. I am not working on security at this point, just the login pattern or flow. (Later we will be adding 2 step oAuth, with an HMAC, etc)

Possible Options

A POST to something like https://api...com/v1/login.json
A PUT to something like https://api...com/v1/users.json
Something I have not though of...

What is the proper RESTREST style for logging in users?

I am creating a REST api, closely following apigee suggestions, using nouns not verbs, api version baked into the url, two api paths per collection, GET POST PUT DELETE usage, etc.

I am working on the login system, but unsure of the proper REST way to login users. I am not working on security at this point, just the login pattern or flow. (Later we will be adding 2 step oAuth, with an HMAC, etc)

Possible Options

A POST to something like https://api...com/v1/login.json
A PUT to something like https://api...com/v1/users.json
Something I have not though of...

What is the proper REST style for logging in users?

I am creating a REST api, closely following apigee suggestions, using nouns not verbs, api version baked into the url, two api paths per collection, GET POST PUT DELETE usage, etc.

I am working on the login system, but unsure of the proper REST way to login users. I am not working on security at this point, just the login pattern or flow. (Later we will be adding 2 step oAuth, with an HMAC, etc)

Possible Options

A POST to something like https://api...com/v1/login.json
A PUT to something like https://api...com/v1/users.json
Something I have not though of...

What is the proper REST style for logging in users?

highlighted code

Source Link

edited Dec 17, 2012 at 15:41

Scott Roepnack

2.7k
5
22
36

Loading

Source Link

asked Dec 17, 2012 at 15:05

Scott Roepnack

2.7k
5
22
36

Loading

Collectives™ on Stack Overflow

Return to Question