Send an access token without using a parameter in the URL
source link: https://www.codesd.com/item/send-an-access-token-without-using-a-parameter-in-the-url.html
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
Send an access token without using a parameter in the URL
I am developing an API using Codeigniter and Oauth2 (Alex Bilbies library). The API is being used by my iPhone app. For every request I need to send along the access token as a parameter in the URL. Is there a way to send the token in a header instead? To avoid it getting "exposed"?
Thankful for all input!
OAuth 2.0 bearer tokens allow you to insert them in an HTTP Authorization header as follows:
POST /my/api HTTP/1.1
Host: rs.company.com
Authorization: Bearer abcdef123456
Where abcdef123456 is your Access Token (see: http://tools.ietf.org/html/draft-ietf-oauth-v2-bearer-16#section-2.1). In fact the spec says you SHOULD do that in lieu of request parameters if it is possible.
The spec also describes many security considerations when using OAuth 2.0 bearer tokens (see: http://tools.ietf.org/html/draft-ietf-oauth-v2-bearer-16#section-4)
Related Articles
Selecting a jQuery tab using a parameter in the URL
Using the SQLite ADO.Net provider must put the GUID directly into the where clause of the query without using a parameter
Refresh the access token without user intervention
How to send an e-mail without using the SMTP protocol on the site in codeigniter
How to generate the Facebook Marketing API access token for use in the Windows application
Access the static property of a javascript class without using an instance of the class
How to get an access token with OAuth 2.0 in the Android Unity application?
Pass a parameter in a link without making it visible in the URL
GridView passes the parameter in the URL and uses it in another page
Joomla 3: How can I use the raw format without adding raw format to the URL?
Include the $ _GET parameter in the URL only if the & ldquo; is selected & rdquo;
Adding the second parameter to the URL in the rails
Add a parameter to the URL?
How to pass a parameter in the URL of a submission form in Struts2
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK