API Authentication Security Improvement

omprakash_gurubaxani
Member
in APIs Ideas
As per API authentication guide here -
The first step to get access to Domo APIs is to generate ClientId/Secret and then make a request to get access token. This request is of type "Basic Auth" where client credentials (ClientId/Secret) are passed as base64 encoded string. Since these creds act like username/password sending them as just base64 encoded over https is secure but not the best form of security as they can easily decoded.
Ask is to update this method to send client creds as part of a POST request in Body to make them more secure and true OAuth (i.e. no use of Basic Auth at all).
Reference -
Tagged:
3
Categories
- All Categories
- Product Ideas
- 2.1K Ideas Exchange
- Connect
- 1.3K Connectors
- 309 Workbench
- 7 Cloud Amplifier
- 10 Federated
- Transform
- 663 Datasets
- 119 SQL DataFlows
- 2.3K Magic ETL
- 823 Beast Mode
- Visualize
- 2.6K Charting
- 86 App Studio
- 46 Variables
- Automate
- 193 Apps
- 483 APIs & Domo Developer
- 86 Workflows
- 23 Code Engine
- AI and Machine Learning
- 23 AI Chat
- 4 AI Projects and Models
- 18 Jupyter Workspaces
- Distribute
- 117 Domo Everywhere
- 283 Scheduled Reports
- 11 Software Integrations
- Manage
- 143 Governance & Security
- 11 Domo Community Gallery
- 49 Product Releases
- 13 Domo University
- Community Forums
- 41 Getting Started
- 31 Community Member Introductions
- 116 Community Announcements
- 5K Archive