This video deals with the problem of authentication in REST APIs on behalf of users. It presents an overview of OAuth, which is an open standard for authentication that is common in REST APIs.
- View Offline
- [Instructor] This diagram shows the authentication flow.…It was taken from OAuth's official website.…The first step towards authentication…is asking for a request token.…The client asks the server for a request token.…In the request, the client includes…his consumer key or API key,…and uses a consumer secret to sign the request.…The client also includes a call-back URL…that the server will use later on.…This is shown in step A.…Once the server verifies a client, it sends back…a request token and a secret key, as shown in step B.…
The client then redirects the user or resource owner…to the authentication URL on the server.…It includes a request token in the URL,…so that the server can know which app it is authenticating.…This is shown in step C.…On a server's website, the user or resource owner…is asked to log in and grant permission for the client…to access the protected resources.…When the client logs in, the server redirects the user…to a call-back URL that was sent in step A.…The server includes a temporary token…
This Node.js training course gives you an overview of a RESTful API and the logical steps of building one. It explores three different APIs, focusing on their similarities and differences to effectively implement one. Author Saleh Hamadeh starts off by defining APIs, showing how they can be built on top of HTTP and listing the properties that make an API RESTful. Then learn how to develop Twitter Notes, a sample web application that lets its users leave notes for their Twitter friends. You'll use Twitter's API to implement a login flow and then design a web API. In addition, you'll get a closer look at two other real-world APIs—Facebook API and GitHub API. Finally, learn some best practices to keep APIs secure, maintainable, and efficient.
- Identifying REST resources
- Setting up the development environment
- Consuming a RESTful API
- Creating an OAuth login request
- Getting an access token
- Saving data in MongoDB
- Building a RESTful API
- Looking at APIs in the real world
- Best practices for building RESTful APIs