Secure an Open Rails API skiping the login process for thirdparties...best strategy
I've got a Rails API that I would like to open to third parties. Basically I've got a platform where third parties can access it via API to retrieve a product list with name,category, stock, etc...
What I'm currently doing is creating a User and then asking them to first call the signin/login process and then using the JWT token to call the rest of the API.
What I would like to do is skip the signin process and generate a secure api token instead, send it to my third party for them to be passed as part of the header, kind of a permanent API token that could be used without expiry date.
Is there any gem or twisting the current strategies available, devise, jwt, etc...in order to achieve that?