Evernote uses Thrift as the transport for all external (client-service) communications. We do an in-bound "authenticationToken" parameter for all relevant API calls:
http://www.evernote.com/about/developer/api/ref/ The auth token is received either via a username + password: http://www.evernote.com/about/developer/api/ref/UserStore.html#Fn_UserStore_authenticate Or via OAuth for web services.
On 4/17/10 10:46 AM, Bjørn Borud wrote:
how do you handle authentication with thrift? do you use an in-band auth-credentials parameter to method calls? -Bjørn
