Hi Guys, I'm trying to figure out how to manage access to the API side of my app that I'm hosting on OpenBD and present the CFC/function info to API users.
Basically, I need to make some functions available to remote users and 3rd party apps. 1. Has anybody written an API before and do you have any standards/guides I could read? 2. What's a good way to manage API keys? Should each user get their own API key? Or just create an API key for any developer that wants to get access. I was thinking I could keep a table of API keys, and it would just list each registered api user. I was thinking I'd make any developer that wanted to access the API do so via their user account. Basically, user registers for the site, then applies for an API key. If approved, they get an API key associated to their account. Then if they want to build an app based on the API, the app would be able to access the functions by providing it's API key. I was also thinking every function would require an API Key, so I'd have to create an API key for own stuff too. Table layout - API ID - API KEY - userID 0 - 3132413432 - 0 -- #userID of 0 is internal access 1 - 3132412342343 - 0 3. So far, I'm keeping a text file that outlines each function. I'll eventually format it nicer, but this is the information I'm collecting that I'd pass to a developer that may want to use it. Any advice on other info to include? how to format this? <!--- Function --- --- --- --- --- ---> FunctionName - updatePass Component - users Use - updates user Password Arguments name="userID" type="numeric" required="true" default="" hint="user's email" name="key" type="string" required="true" default="" hint="pw reset key" name="password" type="string" required="true" default="" hint="new user password" name="passwordConfirm" type="string" required="true" default="" hint="new user password confirm" Return - Success updatePassResults.success Return - Error updatePassResults.error updatePassResults.passwordBlankError updatePassResults.passwordLongError updatePassResults.passwordShortError updatePassResults.passwordMatchError updatePassResults.passwordConfirmError updatePassResults.passwordHintError Internal Example <cfset updatePassResults = application.users.updatePass(userID=456, password=password, passwordConfirm=password, passwordHint=hint)> Http example http://details.at/config/cfc/users.cfc?method=updatePass&userID=456&password=password&passwordConfirm=password&passwordHint=hint <!--- End Function --- --- --- --- --- ---> -- online documentation: http://openbd.org/manual/ http://groups.google.com/group/openbd?hl=en
