What is token based authentication ?

Source: Explianed here..

The general concept behind a token-based authentication system is simple. Allow users to enter their username and password in order to obtain a token which allows them to fetch a specific resource – without using their username and password. Once their token has been obtained, the user can offer the token – which offers access to a specific resource for a time period – to the remote site.

 

In other words: add one level of indirection for authentication — instead of having to authenticate with username and password for each protected resource, the user authenticates that way once (within a session of limited duration), obtains a time-limited token in return, and uses that token for further authentication during the session.

Advantages are many — e.g., the user could pass the token, once they’ve obtained it, on to some other automated system which they’re willing to trust for a limited time and a limited set of resources, but would not be willing to trust with their username and password (i.e., with every resource they’re allowed to access, forevermore or at least until they change their password).

If anything is still unclear, please edit your question to clarify WHAT isn’t 100% clear to you, and I’m sure we can help you further.

 

 

Advertisements

About Hiren Kubavat

ORACLE,MYSQL.PHP,JQUERY,JAVASCRIPT,AJAX,HTML,CSS,ANGULAR2,AWS, WORDPRESS,JOOMLA,DRUPAL,CAKEPHP,LARAVEL,CODEIGNITER,MVC & CMS.
This entry was posted in API, MysQl, PHP and tagged , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s