Why using an authentication_token instead of the normal authentication process?

Question

I have a Rails web application, and I want to build a JSON API as well so I can have mobile applications bound to it.

I've been reading a lot about it, and I don't get it why so many people prefer to activate authentication_token authentication instead of the normal authentication process that Devise offers us.

So, the question is: why use authentication_token ? Any performance reason ? Any security reason ? What is the best way to authenticate through an API ?

score 0 · Answer 1 · answered Oct 10 '13 at 11:18

0

authentication_token is basically used to authenticate user from outside i.e. say you sent user a email containing the activation link containing the token, so when he clicks the link, he directly gets logged in.

answered Oct 10 '13 at 11:18

deepthi

685
3
9

That's a confirmation_token, not an authentication_token. – Gustavo Semião-Lobo Oct 10 '13 at 11:20
yup.. confused it.. you can probably look at http://stackoverflow.com/questions/1592534/what-is-token-based-authentication – deepthi Oct 10 '13 at 11:32

Why using an authentication_token instead of the normal authentication process?

1 Answers1