What I am trying to find out is how to securely send a username and password to an API. Basically I am accessing a restful API using a URL like "https://myapi.com/api/username=test&password=test123". If the username and password are correct the API will return a JSON page. How would I go about sending the information securely to the API URL?

Recommended Answers

All 3 Replies

The way you're doing it is very bad, very, very bad.

1) You should only let people have access to the api if they have a 'key' (at the moment anyone can access it)

2) You need a way to encrypt the 'password' if not, it's plaintext.

I didn't set up the API. How it works its the user is assigned an API key but the only way to retrieve it from the JSON page using the above type link. :/

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.