New Discussion

Notifications

You’re not receiving notifications from this thread.

Secure an Open Rails API skiping the login process for thirdparties...best strategy

0
Rails
Eduard Garcia Eduard Garcia

Hi there,

I've got a Rails API that I would like to open to third parties. Basically I've got a platform where third parties can access it via API to retrieve a product list with name,category, stock, etc...

What I'm currently doing is creating a User and then asking them to first call the signin/login process and then using the JWT token to call the rest of the API.
What I would like to do is skip the signin process and generate a secure api token instead, send it to my third party for them to be passed as part of the header, kind of a permanent API token that could be used without expiry date.
Is there any gem or twisting the current strategies available, devise, jwt, etc...in order to achieve that?
Thanks!

Join the discussion
Create an account Log in

Want to stay up-to-date with Ruby on Rails?

Join 88,440+ developers who get early access to new tutorials, screencasts, articles, and more.

    We care about the protection of your data. Read our Privacy Policy.