[prev in list] [next in list] [prev in thread] [next in thread] 

List:       forgerock-opendj
Subject:    [Opendj] storing API tokens?
From:       derek.knapp () me ! com (Derek Knapp)
Date:       2012-09-29 5:19:12
Message-ID: B1F197EC-E5AB-4BE4-B733-E48A993DA665 () me ! com
[Download RAW message or body]

I have a web application that stores user's credentials in OpenDJ, and thats working \
perfectly.

I am now planning on exposing an API for users to call. I want to allow users to \
generate a token that must be passed in to every API call.. but I'm not sure where \
the best place to store this token. I was thinking that OpenDJ is the correct place, \
as it allows access to user's private data, and is just as important as the user's \
password. A user may have more than one token.

I am wondering if I am correct that this should be stored in OpenDJ, and if so, what \
the best way to do it? I need to be able to have a list of them for each user.


Thanks.

Derek


[prev in list] [next in list] [prev in thread] [next in thread]