All threads / Secure an Open Rails API skiping the login process for thirdparties...best strategy

Ask A Question

Notifications

You’re not receiving notifications from this thread.

Secure an Open Rails API skiping the login process for thirdparties...best strategy

Eduard Garcia asked in Rails

Hi there,

I've got a Rails API that I would like to open to third parties. Basically I've got a platform where third parties can access it via API to retrieve a product list with name,category, stock, etc...

What I'm currently doing is creating a User and then asking them to first call the signin/login process and then using the JWT token to call the rest of the API.
What I would like to do is skip the signin process and generate a secure api token instead, send it to my third party for them to be passed as part of the header, kind of a permanent API token that could be used without expiry date.
Is there any gem or twisting the current strategies available, devise, jwt, etc...in order to achieve that?
Thanks!

Join the discussion

Want to stay up-to-date with Ruby on Rails?

Join 46,687+ developers who get early access to new tutorials, screencasts, articles, and more.

    We care about the protection of your data. Read our Privacy Policy.

    logo Created with Sketch.

    Ruby on Rails tutorials, guides, and screencasts for web developers learning Ruby, Rails, Javascript, Turbolinks, Stimulus.js, Vue.js, and more. Icons by Icons8

    © 2021 GoRails, LLC. All rights reserved.