Forum Discussion

  • gessulat's avatar
    gessulat
    Adept
    10 years ago

    As i understand the simple request in browser's address field shoud work too. No?

    • luk's avatar
      luk
      Boss
      10 years ago
      Unfortunately not...you need to go trough an OAuth authorization flow which results in a token that has to be passed with the request... see http://community.lithium.com/t5/Community-API-v2/OAuth-2-0-authorization-grant-flow/ta-p/138402

      its way too complicated IMHO (it's reasonable from a security standpoint, but as long as most community data is publicly available via REST API v1, it does not make any sense to have it that complicated, I think there should be a setting that can make v2 API calls "insecure",e.g. not using the OAuth stuff)
      • gessulat's avatar
        gessulat
        Adept
        10 years ago

        Thank you for answer.

         

        I've read that in Getting Started that:

         

        You can make anonymous calls or authenticated calls. Both go through Lithium's API Proxy and require HTTPS. 

        An authenticated call requires an authorization handshake using an OAuth2.0 grant flow

         

        I though that in case of anonymous call i can do it without auth. 

         

        I think that using paralell 2 api versions is complication. I can do all my query (server to server) with v1.