Where and how do I save the API's authentication token?

4

Hello, I'm having an angled application, which will consume a API . For this to happen, I must send POST to another API , which serves only to generate a token that I will pass on all other requests. My question is this: after I generate this token , where should I save it? The first thing that comes to mind is saving directly into the bank, but it does not appear to be the recommended one. What is usually done in this situation?

    
asked by anonymous 03.05.2018 / 15:49

1 answer

2

Depends on TTL ( time-to-live , or life ) of the token.

  • If the token is short: Keep it in memory (or cache ) only.
  • If the token is of long duration: Store it to a bank, associated with the user (or process) that obtained it.

Remember that most services that work with token authorization can return 401 Unauthorized at any time, and the re-authentication process for any TTL is usually the same.     

03.05.2018 / 16:08