10
Send an access token without using a parameter in the URL
source link: https://www.codesd.com/item/send-an-access-token-without-using-a-parameter-in-the-url.html
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
Send an access token without using a parameter in the URL
advertisements
I am developing an API using Codeigniter and Oauth2 (Alex Bilbies library). The API is being used by my iPhone app. For every request I need to send along the access token as a parameter in the URL. Is there a way to send the token in a header instead? To avoid it getting "exposed"?
Thankful for all input!
OAuth 2.0 bearer tokens allow you to insert them in an HTTP Authorization header as follows:
POST /my/api HTTP/1.1
Host: rs.company.com
Authorization: Bearer abcdef123456
Where abcdef123456 is your Access Token (see: http://tools.ietf.org/html/draft-ietf-oauth-v2-bearer-16#section-2.1). In fact the spec says you SHOULD do that in lieu of request parameters if it is possible.
The spec also describes many security considerations when using OAuth 2.0 bearer tokens (see: http://tools.ietf.org/html/draft-ietf-oauth-v2-bearer-16#section-4)
Related Articles
Selecting a jQuery tab using a parameter in the URL
I am currently investigating replacing the tabs provided by a Struts 1 tag library with the tabs provided by jQuery UI. I have successfully managed to get the tabs integrated with the existing application but I am struggling on how to set the selecte
Using the SQLite ADO.Net provider must put the GUID directly into the where clause of the query without using a parameter
Is there anyway to just have the GUID be part of the SQL Query itself without using a parameter? Let me explain exactly what I am trying to do and why. I am working with an existing application that uses an ADO.Net to create and connect to a SQLite d
Refresh the access token without user intervention
I am using facebook sdk for android to fetch the FB data. The access_token that is received after successful login expires after a certain time. I want to refresh the token token in the background. ie; the user should nt be prompted for the credentia
How to send an e-mail without using the SMTP protocol on the site in codeigniter
I am creating contact us page in my website which is in CodeIgniter. I want to send this contact form data in my mail address. How to send email in CodeIgniter without using SMTP for website?yes you can use codeIgniter simple mail function. Example:-
How to generate the Facebook Marketing API access token for use in the Windows application
I am using Facebook as advertising platform to promote my application on Apple and Google stores. I would like to make windows service which will download daily report(s) about advertising status of my marketing campaign running one Facebook, prefera
Access the static property of a javascript class without using an instance of the class
I am trying to access the static properties of a class without using an instance of the class to do so. I tried adapting the method in this post, but to no avail. All I get is test.getInstanceId is not a function Based on how I am creating the class
How to get an access token with OAuth 2.0 in the Android Unity application?
I have the following scenario that needs to be implemented for our game: we use GameSparks and silent device authentication and if our player wants to get his data on the other devices, we give him an opportunity to register a new account using usern
Pass a parameter in a link without making it visible in the URL
I have a table containing editing links. In the href of the links I am passing a parameter to edit a record, but that parameter passed by $ _GET, is seen in the url, and I do not want that variable to be in the url. Is there any way to pass this valu
GridView passes the parameter in the URL and uses it in another page
I'm able to pass the parameter in the URL, however, i'm unsure of how to grab that ID on the next page. I'm using a GridView to pass the parameter onclick, below is the code i'm using. protected void GridView1_RowDataBound(object sender, GridViewRowE
Joomla 3: How can I use the raw format without adding raw format to the URL?
I would like to load view.raw.php as a raw view just like if I has appended view=raw to the URL. But I would like to do it without adding view=raw to the URL. I have tried the following inside my main controller and none work: First I tried this: JFa
Include the $ _GET parameter in the URL only if the & ldquo; is selected & rdquo;
I have searched and searched for the answer, but I have had no luck whatsoever. I have a form with four Selects and only the first Select is required. These Selects have the Options populated by a JS script pulling from my database to make a dynamic
Adding the second parameter to the URL in the rails
I am trying to add a second parameter to the URL (and still keep the first parameter). eg I have the url /shops?sorting=alphabetically, and want to add the parameter currency=CAD %form{action: shops_path(params.merge!({currency: params[:currency]}))}
Add a parameter to the URL?
Possible Duplicate: Adding a parameter to the URL with JavaScript If I wanted to add 2 suppose name and id values to URL. How can I do that using JavaScript? Suppose we have URL: http://localhost/demo/, then how to add these 2 parameters. "http://loc
How to pass a parameter in the URL of a submission form in Struts2
I am doing a project in Struts2 where I need of setting a parameter in URL like user parameter in below link. I want this parameter to be passed when I click a form submit button and not any links separately. I know how to do this with <s:url> but t
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK