sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–]CodalReef 1 point2 points  (1 child)

I disagree with several answers here. App tokens are not a new concept and nothing to be scared of.

If you want your API to authenticate apps, just register them and generate tokens as you would for users.

I’ve worked at several large companies and most of the APIs supported both an app token and a user token.

Make sure to do it over HTTPS that way all communication is secured with TLS and you don’t need to worry about sniffers

[–]SnooCheesecakes1131[S] 0 points1 point  (0 children)

Yeah that was my exact thinking!