API Authentication Security Improvement

omprakash_gurubaxani
Member
in APIs Ideas
As per API authentication guide here -
The first step to get access to Domo APIs is to generate ClientId/Secret and then make a request to get access token. This request is of type "Basic Auth" where client credentials (ClientId/Secret) are passed as base64 encoded string. Since these creds act like username/password sending them as just base64 encoded over https is secure but not the best form of security as they can easily decoded.
Ask is to update this method to send client creds as part of a POST request in Body to make them more secure and true OAuth (i.e. no use of Basic Auth at all).
Reference -
Tagged:
3
Categories
- All Categories
- 2K Product Ideas
- 2K Ideas Exchange
- 1.6K Connect
- 1.3K Connectors
- 311 Workbench
- 6 Cloud Amplifier
- 9 Federated
- 3.8K Transform
- 659 Datasets
- 116 SQL DataFlows
- 2.2K Magic ETL
- 816 Beast Mode
- 3.3K Visualize
- 2.5K Charting
- 82 App Studio
- 45 Variables
- 776 Automate
- 190 Apps
- 481 APIs & Domo Developer
- 82 Workflows
- 23 Code Engine
- 40 AI and Machine Learning
- 20 AI Chat
- 1 AI Playground
- 1 AI Projects and Models
- 18 Jupyter Workspaces
- 411 Distribute
- 120 Domo Everywhere
- 280 Scheduled Reports
- 11 Software Integrations
- 144 Manage
- 140 Governance & Security
- 8 Domo Community Gallery
- 48 Product Releases
- 12 Domo University
- 5.4K Community Forums
- 41 Getting Started
- 31 Community Member Introductions
- 115 Community Announcements
- 4.8K Archive