On May 27, 2014, at 8:30 AM, salles pro <[email protected]> wrote:
> i would like to have a Token based auth with Sync-gateway, like you have done > with facebook. Facebook auth is complicated because auth credentials generated by one server (Facebook’s) are being used to authenticate to a different server (Sync Gateway), without there being any trust relationship between FB and SG, and without the user having to trust SG with their FB password. Is that the same kind of situation you’re in? I ask because if you control the server that authenticates the user, then you don’t have to have a setup as complicated as the FB login. All you need to do is have your app authenticate to your server, then your server makes an admin API call to SG to generate a session cookie, then your server sends that cookie back to the app to use with SG. —Jens
smime.p7s
Description: S/MIME cryptographic signature
