Let state that I've got a website with a few information that may be access externally. Individuals information have to be just have to change byt the respected client. Example: Google Analytic or WordPress API key. How do i produce a system that actually work like this (regardless of programming language)?

Numerous wise individuals are focusing on a typical, and it is known as OAuth. It already has numerous sample implementations, therefore it is pretty simple to get began.


  1. Produce a key for every user
  2. Deny access for every request without it key

Here is really a document on API design.

A great way of producing a vital is always to store a GUID (Globally Unique Identifier) on each user record n the database. GUID will probably be unique and nearly impossible to guess.

Presently, I personally use a concatenation of multiple MD5s having a salt. The MD5s are produced from various concatenations of user data.