Commit f2385720 by Carsten Brandt

Update rest-authentication.md

parent eefa4e52
...@@ -6,7 +6,7 @@ be used. Therefore, each request should come with some sort of authentication cr ...@@ -6,7 +6,7 @@ be used. Therefore, each request should come with some sort of authentication cr
the user authentication status may not be maintained by sessions or cookies. A common practice is the user authentication status may not be maintained by sessions or cookies. A common practice is
to send a secret access token with each request to authenticate the user. Since an access token to send a secret access token with each request to authenticate the user. Since an access token
can be used to uniquely identify and authenticate a user, **API requests should always be sent can be used to uniquely identify and authenticate a user, **API requests should always be sent
via HTTPS to prevent from man-in-the-middle (MitM) attacks**. via HTTPS to prevent man-in-the-middle (MitM) attacks**.
There are different ways to send an access token: There are different ways to send an access token:
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment