API Authentication Security Improvement
Options
omprakash_gurubaxani
Member
in APIs Ideas
As per API authentication guide here -
The first step to get access to Domo APIs is to generate ClientId/Secret and then make a request to get access token. This request is of type "Basic Auth" where client credentials (ClientId/Secret) are passed as base64 encoded string. Since these creds act like username/password sending them as just base64 encoded over https is secure but not the best form of security as they can easily decoded.
Ask is to update this method to send client creds as part of a POST request in Body to make them more secure and true OAuth (i.e. no use of Basic Auth at all).
Reference -
Tagged:
2
Categories
- All Categories
- 1.5K Product Ideas
- 1.5K Ideas Exchange
- 1.4K Connect
- 1.1K Connectors
- 283 Workbench
- 4 Cloud Amplifier
- 4 Federated
- 2.7K Transform
- 90 SQL DataFlows
- 565 Datasets
- 2K Magic ETL
- 3.4K Visualize
- 2.3K Charting
- 593 Beast Mode
- 13 App Studio
- 28 Variables
- 588 Automate
- 143 Apps
- 417 APIs & Domo Developer
- 27 Workflows
- 1 DomoAI
- 28 Predict
- 12 Jupyter Workspaces
- 16 R & Python Tiles
- 361 Distribute
- 99 Domo Everywhere
- 260 Scheduled Reports
- 2 Software Integrations
- 96 Manage
- 93 Governance & Security
- 15 Product Releases
- Community Forums
- 37 Getting Started
- 28 Community Member Introductions
- 90 Community Announcements
- 4.8K Archive