Monday, 6 June 2022

OAuth with bidirectional calls between different applications

Consider this scenario: A Web App "A" wants to call an API "B" and the API "B" also needs to call the Web App "A" API, but both calls (from "A" to "B" and from "B" to "A") have to be on behalf of a user (the user is the same on both platforms but with different credentials). A and B are apps developed by different companies, so no code base is shared.

I need to design this scenario, where my app will integrate with another app and both apps will consume data from each other.

I know I could use OAuth, but I am not sure what to do since it will be a bidirectional communication. I do not want to request the user to authorise both applications. Is there any design pattern or model I can use?
