Hi David, See bug 13920 and bug 14868. Cheers, Jonathan 2016-01-06 2:14 GMT+00:00 David Cook <dcook@prosentient.com.au>:
Hey all:
What do people think about having keys for Koha APIs? Someone would register a key in Koha and give that key to the developer, the developer puts it in their app configuration, and they’re good to go.
One advantage would be that apps utilizing web services wouldn’t actually have access to Koha itself – just to the APIs associated with the API key. By that same token, a Koha administrator could easily revoke access to an API if necessary for whatever reason.
I’m sure there are other advantages as well. I was thinking a single API key could replace the username/password pair, but you still might want a client_id and an API key, so you’re still managing two fields in your configuration.
Anyway, just a thought.
David Cook
Systems Librarian
Prosentient Systems
72/330 Wattle St, Ultimo, NSW 2007
_______________________________________________ Koha-devel mailing list Koha-devel@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-devel website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/