I am using Ruby on Rails and doorkeeper to control client auth. I am looking for a way to generate an access token that is only useful for a specific API endpoint. The goal is to send a link via email to that endpoint. I want to include the access token so they don't need to log in. However, I don't want anyone with the link to be able to log in and do whatever they want, they should only be allowed to use said endpoint with that token. Is that possible?
Aucun commentaire:
Enregistrer un commentaire