0

Related to this question but looking for a more current set of recommendations w/ Rails 4 and Ember.js.

Is it better to use one, versioned API for users to connect via the Ember UI as well as for 'applications' to use w/ an API key or something? Or would it be better to create two, distinct APIs for this? (i.e. two sets of controllers that have the appropriate restrictions.)

The first is more desirable = less work.

The second just seems to solve problems handling authentication via Devise or the API key, etc.

I know there isn't an objective answer to this so I beg everyone's pardon in advance. I appreciate all reasoned input.

Community
  • 1
  • 1
n8gard
  • 1,870
  • 8
  • 26
  • 41

1 Answers1

1

There are probably some situations where it might make sense to have two separate APIs but if your only reason is for authentication, I don't think it would make sense.

You should look into something like Doorkeeper that allows you to act as an Oauth2 provider, similar to Twitter, Facebook, and Google. Doorkeeper can be used with Devise and allows you to create both user specific access tokens as well as create applications which have their own access tokens.

There's also a Railscast about using Doorkeeper.

HeroicEric
  • 876
  • 5
  • 13
  • Thank you. This was the push I needed to choose a direction. Doorkeeper looks like the perfect solution. Best wishes. – n8gard Jul 18 '14 at 14:20