Requests to the MILK API on behalf of a user are authenticated using a token.
For details on how to use a token, see Using Tokens.
For details on what is in a token, see Token Format.
For example requests and responses, see Authentication Examples.
Obtaining a Token
The MILK API has 2 ways of authenticating users to obtain a token.
- Users are registered with and log into the MILK API.
- After logging in to the MILK API servers with the users credentials, the MILK API issues a signed token which can be used to make requests on behalf of that user.
- Users are registered with and log into servers controlled by the API implementer.
- After logging in to the implementer's servers, the implementer's servers issue a signed token which can then be accepted by the MILK API to make on behalf of that user.
Once you have let MILK know which method you will be using to authenticate your users, we'll set up your account and issue with the required credentials for your chosen method.
Selecting an Authentication Method
Internal Authentication might be the most appropriate in the following situations:
- An application that doesn't have user accounts, and has no plans to add them.
External Authentication would work the best in the following situation:
- An application already has an existing server based user account system.