API Authentication

[Medron]

Is there a way to Authenticate API Requests with OAuth2 Password  and then limit information from data tables to only that belonging to the logged in user?

[LunaLovegood]

Hello Medron,

Caspio Bridge REST API authentication is based on OAuth 2.0 protocol and supports client_credentials flow, meaning that before a client can access Caspio Bridge resources, it must be authenticated using Client ID/Secret pair (can be found once you started creating WSP or Web Services Profile). And all REST calls should be made in HTTPS. When successfully authenticated, a token is generated that must be used in all follow on calls to the resources endpoint. 

And to limit the access, you may find this (the one in black) in the Web Services Profile as well:

 

 

Hope that helps. 

 

[Medron]

Thank you Luna. So if I was making a mobile app where I wanted clients to only access data pertinent to them (based on their full name or user ID) via an API I would need to create Web Services Profiles for each client?

[LunaLovegood]

Hi Medron,

The permission that I am referring in the WSP is intended for sub-user of your Caspio Bridge Account.

Please check their article about it; https://howto.caspio.com/web-services-api/creating-a-web-services-api-profile/

https://howto.caspio.com/web-services-api/rest-api/