Forum - Rest API v.2 developer credentials

Rest API v.2 developer credentials

Aldevinas Katkus

2017-10-02

Are the developer credentials shared among all the companies I can see on mystandard? I cannot see a way to assign developer credentials to the particular company.

Aldevinas Katkus

2017-10-02

one more related question:
if I would like to fetch contacts from the SERP with Rest API v. 2, shall I use some kind of proxy if I use my phone which has a dynamic IP address?

Bjanka

2017-10-06

Hello!

Developer credentials are issued per developer (Standard ID), not per installation. Developers can generate as many of them as they want and use them in any installation/database/company.

As per using phone network: if a server is on normal network, then yes. Server IP address should be fixed.

Aldevinas Katkus

2017-10-17

Created byBjanka13:37 6 Oct 2017

Hello! Developer credentials are issued per developer (Standard ID), not per installation. Developers can generate as many of them as they want and use them in any installation/database/company. As per using phone network: if a server is on normal netwo

Thanks for the answer. One more question:
is there any CSRF protection implemented in the Rest API?
The CSRF (Cross Site Request Forgery) problem with OAuth is described here https://security.stackexchange.com/a/57886
It looks like the 'state' param is not sent back to the redirect_url. Quote
"The authorization code is issued and sent back to the client in your session along with the state parameter"
I was testing OAuth with this http://oauth2-client.thephpleague.com/usage/

Back to the list

New Message
Open Questions My Questions