We are considering securing a REST interface so that only a list of known client applications can access it, having similar requirements as: How to make sure API requests come from our mobile (ios/android) app?
To avoid reinventing the wheel we are considering using a '0-legged' OAuth implementation, where the clients request resources signing the request only with the consumer key and consumer secret (I'm using the term 0-legged as per this great blog post: http://www.bfcamara.com/post/34158128493/oauth-2-legged-vs-0-legged-uservoice-api-as-an).
I have been researching if any iOS APIs provide support for this kind of OAuth usage, but there seems to be a lot of confusion with the terminology. Are you guys aware of any iOS OAuth API that can be used in a '0-legged' fashion? Should I do my research using a different terminology?
Many thanks, Gustavo
