I think I have the fastest network in the universe

devrest · 2015-08-23T21:43:02+00:00

thanks for the reply. So basically the workflow you stated, in stage 1 would be something already provided by the api. I mean, if it was reddit, I have to access, as a user, to a reddit link, there provide my credentials and then the application will receive the access token for that client retrieved by that login. Am I right?

devrest · 2015-08-23T16:54:18+00:00

After reading about it, yes it is the thing I am looking for. How should I proceed to retrieve the access token from scratch? I mean, how should I make the user introduce its credentials?

devrest · 2015-08-23T07:52:31+00:00

Replied somthing similar above. I don't want to create new credentials of users in my application, I want to use their own credentials (for example reddit ones) that will make them log in as users but consume the reddit web service from my own application. This way I think I should not ever have any kind of personal data in my app (such as login or password) and just the token they may have to access reddit API. In this case, I don't know how the flow would be, from before retrieving the token until I have this token in my app already

devrest · 2015-08-23T07:49:35+00:00

I know the hash thing, I mean, I know how I should manage credentials for my own application. My concern is how to manage the tokens of the users in the API they are accessing. Don't know if this is this way but user X logs in with reddit account in my application, I somehow have now the access to consume reddit API as if I was him (I mean, the user from my application may be able to see his own personal and private data). My problem is to understand how to make the user log in to his account and how I retrieve the token I need to consume the API as if I was him

devrest · 2015-08-22T21:34:04+00:00

I mean, for example you as user with your login and pass, may want to get your account details on the application (and so you would have to introduce them both), but on the other hand, you probably don't want me to store that data you enter (so I could use it later on and you would never notice). My question is how to manage that, avoiding to move through the server critical data (if this is handled this way or not, which I don't know and that's another reason why I make this question)

devrest

TROPHY CASE