1

I'm pretty confused on what authentication method to use for my android/ios app.

I'm trying to create login for user and maintain session on the app. If token based authentication is used for session, then it should have expiry time.

Shall I go ahead with ApiAuth token based authentication or Json Web Token authentication for my native apps. Please help me to choose.

Community
  • 1
  • 1
Ashwin Yaprala
  • 2,737
  • 2
  • 24
  • 56

1 Answers1

1

From my experience, we have a substantially complex Rails API which is consumed by both iOS and Android client apps. We use JWT for authentication and it's working pretty well. There is a jwt ruby gem as well. It's easy to have expiry time using JWT. This is also one of the most popular choices of it's kind, so I think you can definitely give this a shot.

K M Rakibul Islam
  • 33,760
  • 12
  • 89
  • 110
  • I was not sure to use jwt for mobile apps. In some places I read that it is for single page applications and there is no clarity that it can be used for native mobile apps. Also I'm not if this is a best approach to use. Though, thank you for the suggestion. – Ashwin Yaprala Sep 24 '15 at 12:30
  • JWT is not only for single page application, that's for sure :) – K M Rakibul Islam Sep 24 '15 at 15:22