I am building out a REST service using Flask-RESTful that will allow users to connect to their salesforce Environment and pull data.
Is it possible to secure a restful API with oauth2?! I cannot seem to find any documentation this.
I am building out a REST service using Flask-RESTful that will allow users to connect to their salesforce Environment and pull data.
Is it possible to secure a restful API with oauth2?! I cannot seem to find any documentation this.
The short answer is yes
Miguel Grinberg talks about securing your REST api (in which he talks about oauth) in his blog post here:
http://blog.miguelgrinberg.com/post/restful-authentication-with-flask
and he has a general guide to using oauth with flask here:
http://blog.miguelgrinberg.com/post/oauth-authentication-with-flask
His blog posts answered all of my questions when I was building my flask app and is in general a good resource.
** The long anser **
Oauth2 doesn't have any specific functionality that makes it better for authenticating a REST api than any other method of authentication. It's just one method of authentication. The hard part is when a user gets authenticated that they don't have to send their username and password with every request. To do this you generate a token for them and store it on the server side and store it in their session on the client side. Now all you need to do is send the token with any REST requests from the client to authenticate it. This is discussed in the first link (you can find it if you do ctrl-f token)