|
|
|
@ -745,7 +745,7 @@ A client may receive a login ``token`` via some external service, such as email
|
|
|
|
or SMS. Note that a login token is separate from an access token, the latter
|
|
|
|
or SMS. Note that a login token is separate from an access token, the latter
|
|
|
|
providing general authentication to various API endpoints.
|
|
|
|
providing general authentication to various API endpoints.
|
|
|
|
|
|
|
|
|
|
|
|
Additionally, the server must encode the user id in the ``token``; there is
|
|
|
|
Additionally, the server must encode the user ID in the ``token``; there is
|
|
|
|
therefore no need for the client to submit a separate username.
|
|
|
|
therefore no need for the client to submit a separate username.
|
|
|
|
|
|
|
|
|
|
|
|
The ``txn_id`` should be a random string generated by the client for the
|
|
|
|
The ``txn_id`` should be a random string generated by the client for the
|
|
|
|
|
Travis Ralston
5 years ago