Seems the first question would be to see where is the authentication information. The real benefit is that it allows to separate who is authenticating the client and who owns the accessed resource.
In your case it seems you'll both authenticate the client and own the resource so it seems a "traditional authentication" could be enough.
All-Star
48570 Points
18086 Posts
Re: OAuth2 vs traditional per request authentication
Oct 31, 2018 05:58 PM|PatriceSc|LINK
Hi,
Seems the first question would be to see where is the authentication information. The real benefit is that it allows to separate who is authenticating the client and who owns the accessed resource.
In your case it seems you'll both authenticate the client and own the resource so it seems a "traditional authentication" could be enough.