We have a project where the main component is a RESTful API server backend for various apps (Web, Android, iOS, desktop). The client/frontend apps will communicate with the API via an API key. The API key can be a JWT or an OAuth2 access_token with a configurable lifetime. How can we implement this with CUBA?
The API key can be generated by the ff:
- App or user registers with the API server.
- API server issues an API key.
- User can revoke or delete the API key then can issue a new one.
Thanks in advance!