The one system I've got in production doing that, Johan, I wrote 7+ years ago and did my own thing rather than whatever OAuth was available at that time.
It's been working fine since.
I guess the question would be whether each of your customers has his own credentials, or whether you are contacting the API as you.
I think a lot of the rationale for OAuth is when you're acting on behalf of somebody else. In my app, that's not the case.
I have two generic procedures:
1. Checks the expiration of my existing token. Fetches a new token if the old one is within 5 minutes of expiry.
2. General API-calling NetTalk client. It's called by something else. It gets a token from the check-and-update-if-needed token procedure, then fills a StringTheory object with what's received from the API.
Then I have various procedures for individual API endpoints I need.
Each procedure constructs the URL with its parameters list. Then passes the URL, a String Theory object, and anything else needed to the api-calling procedure. When the latter has completed, the procedure parses the String Theory object and does its thing.
I posted more details a while back.
NOTE: I've fixed this code since then.
Instead of the custom header I was using in that old post, I now use ThisWebClient.Authorization
! ThisWebClient.CustomHeader = 'Authorization: Bearer '&clip(pToken) !changed to ThisWebClient.Authorization 12/31/2024
ThisWebClient.Authorization = 'Bearer ' & clip(pToken)https://www.nettalkcentral.com/forum/index.php?topic=9562.msg39234#msg39234
Topic: 2Step process - Bearer token - OAuth? (Read 366 times)