0

There are Server A, Server B and Server C. There are also a SUPERUSER account and customer accounts.

Server A is the API service; it contains all the customer credentials.

Server B is the OAuth server.

Server C is the application which is going to use the API service, authenticating any customer account but first doing an internal authentication of the SUPERUSER account via Server B.

In short, I don't know if this method is appropriate, but this is what I think: my API service needs a method called "/authenticate/" only for customer authentication, receiving user and password as parameters. The thing is, what status code should I return in case of success or failure?

ezdookie

1 Answer

0

For success you could return a status_code 200, and for failure, which is an authentication error, you could return status_code 403 Forbidden. In case of success you could also return an authentication token.

Community
Gocht
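The `/authenticate/` method discussed above, as an added example that is not code from the question or the answer: it returns the status codes the answer suggests (200 with a token on success, 403 on failure) and gives the same response for an unknown user and a wrong password. The names `authenticate`, `CUSTOMERS`, `TOKENS` and the sample customer are assumptions made for the example.

```python
import hashlib
import hmac
import os
import secrets

FAIL_STATUS = 403    # status the answer suggests for a failed authentication
ITERATIONS = 100_000  # PBKDF2 work factor chosen for the example


def hash_password(password, salt):
    """Derive a password hash so the store never holds plaintext."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


def make_record(password):
    """Return (salt, hash) for a new credential record."""
    salt = os.urandom(16)
    return salt, hash_password(password, salt)


# Constructed sample credential store on the API service (hypothetical customer).
CUSTOMERS = {"alice": make_record("correct horse")}
# Dummy record so an unknown user costs the same hashing work as a known one.
DUMMY = make_record(secrets.token_hex(16))
TOKENS = {}  # token -> user, kept in memory for the example


def authenticate(user, password):
    """Handle POST /authenticate/ and return (status_code, json_body)."""
    failure = (FAIL_STATUS, {"error": "authentication failed"})
    if not isinstance(user, str) or not isinstance(password, str):
        return failure  # missing or malformed parameters
    salt, expected = CUSTOMERS.get(user, DUMMY)
    candidate = hash_password(password, salt)
    # Constant-time comparison; the membership check rejects the dummy record.
    if not (hmac.compare_digest(candidate, expected) and user in CUSTOMERS):
        return failure  # identical for unknown user and wrong password
    token = secrets.token_urlsafe(32)
    TOKENS[token] = user
    return 200, {"token": token}
```
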