Hi all,

 

I mostly see Koha APIs being used client-side by Koha using cookie authentication.

 

I know we have OAuth2 and Basic Auth that can be tied to a Koha user, and used by a third-party system, which is great.

 

However, what about when we have server-side Koha components that want to use Koha APIs? (I suppose you could set up a user for that component, but it could always be deleted by an overzealous librarian.)

 

Or should we only be using a Message Broker (like RabbitMQ) for passing messages among Koha server-side components? (That would require more of a service oriented architecture of course, which we don’t have in place, while we do have a HTTP API in place.)

 

What are your thoughts?

 

David Cook

Systems Librarian

Prosentient Systems

72/330 Wattle St

Ultimo, NSW 2007

Australia

 

Office: 02 9212 0899

Online: 02 8005 0595