I develop an HTTP REST API with Python and Flask, which I want to deploy on Amazon Elastic Beanstalk (platform: Python 3.4).I have some questions regarding the authentication and security of this API.
What is the best approach to secure the API with username and password authentication? The API is only used by other programs/services and and not from people using a browser (if this information is important to you)
My approaches are:
- Use HTTP Basic Auth in Flask and set up SSL in Amazon Elastic Beanstalk (is this possible?)
- Use HTTP Basic Auth in Flask and CherryPy with configured SSL (this is working on local machine, but not on AEB by default)
Is there a best practice for this problem?
Aucun commentaire:
Enregistrer un commentaire