How to secure API request with Zenno?

bambinou

Client
Регистрация
22.08.2011
Сообщения
436
Благодарностей
21
Баллы
18
Hi all,

Has anyone pleayed with Zenno and POST request to an API endpoint?
What is the best way to protect my endpoint and only allow Zenno to post there?
I was thinking about a token exchange, but in this case, where do you save the Token in Zenno so it works on all the instances?

Thanks
 

lokiys

Moderator
Регистрация
01.02.2012
Сообщения
4 770
Благодарностей
1 181
Баллы
113
Not sure i understand right.

API endpoints are usually in website backend, thats where it is secured in some way.
That's not zenno task at all.
 

bambinou

Client
Регистрация
22.08.2011
Сообщения
436
Благодарностей
21
Баллы
18
Sorry for not explaining better.
Usually when you access an endpoint via a mobile phone, for example, a login, you exchange a token with the app(from the endpoint), so future endpoint access is authorised via the token.
With Zenno I would like to authorise an endpoint access but would neeed to exchange a token, then reuse this token in future requests.

How do you deal with POST and GET request, is there something like Axios that I am familiar with? And how would you save your token during the endpoint request?

Thanks
 

lokiys

Moderator
Регистрация
01.02.2012
Сообщения
4 770
Благодарностей
1 181
Баллы
113
It depends on app authorisation type.
Usually when you do a POST request to login endpoint with username and password parameters, you get a response.
That's where your token should be. Usually in the HEADER.
Then you have to scrape it out and use in your future requests.
 

bambinou

Client
Регистрация
22.08.2011
Сообщения
436
Благодарностей
21
Баллы
18
Thanks, I will have to check it out.
 

Кто просматривает тему: (Всего: 1, Пользователи: 0, Гости: 1)