I have an implementation for an internal API, the requirement is to implement some sort of basic authentication instead of oauth (generating a token).

Do you think there’s any difference between using just an API key vs using a client id + secret?
For what I see it’d be just like saying “using a password” vs “using a user and a password”.

  • @[email protected]
    link
    fedilink
    English
    31 year ago

    It pretty much is like that. Oauth is also useful passing a user’s identity from one service to another.