Level 74
You can but it's not a a good idea.
I suggest you take a look at Sanctum
Jul 15, 2021
3
Level 4
Simple authentication without login in
I have simple API, that is waiting for incoming POST request with JSON data.
Can I just put into incoming data some static token and verify myself like that? For general use it is good enough?
{
"token" : "myPassword123",
//rest of the useful data
}
Level 122
i've sometimes used this to send analytics messages from one of my apps to another of my apps
in the environment of each I set a long and random string as a ' shared secret'
Level 54
it depend on the purpose.... what if someone who not happy with you or your company and knew the token have resigned and working in your competitor company???
Please or to participate in this conversation.