Thursday, 30 April 2020

Single sign on service architecture and design pattern

I'm studying how to build some sort of SSO service for a project I'm working on. We are using NodeJS, but it's not a mandatory environment. Let me explain the situation:

I have a client who signs up to our app. The signup process generates N accounts via API on N third party services on behalf of the user.

What I want to achieve from now on is the user being able to log in to our app with just the "local credentials" and use it as a "pipe service" to consume data stored by the third party services. So I'm planning to keep a local DB with a one-to-many table with 1 local user credentials and N third party credentials.

The data provided by third party APIs ranges from a few bytes to video streams (i.e. assume the size and structure of the provided data is unknown).

And here is the question:

What method is better between the following options and why?

1- Create a pass through server that makes API requests to third party API and sends the results to the client (so receiving the data from third party API and forwarding them to the client).

2- Send to the client the third party credentials and let the client handle all the API requests to them (just sending the correct credentials for a service to the client).

3- Some other option I didn't think of

Thanks in advance for the answers.
