Re: [rest-discuss] Tracking client-applications using User-Agent
- On Wed, Apr 3, 2013 at 10:45 AM, Jan Algermissen
>In my case we will have multiple installations of the same software
> suppose, you expose a REST-API and want to keep track clients which you gave access to the API. Each client is given a client ID.
> Straight-forward solution would be to use the Authentication (think OAuth) header to extract the client ID.
> However, suppose there are some resource you do not want to protect to enable public caching.
> What about asking the client developers to put the client ID in the User-Agent header. Yes, they would not have to, but let's suppose they are closely enough associated to be reliable enough. If this occasionally slips, that's no big deal. It is for monitoring purposes only. No payment-per-ID or throttling involved.
> Do you have any thoughts or experiences doing something similar?
clients accessing our API. My idea is to use User-Agent for
identifying the software and its version but use Authentication header
or possibly an application key passed as a query parameter to identify
a specific client (instance or installation).
It seems there are three types of client identity that can be relevant
for an API to keep track of; software identity, software installation
identity and end user identity. In my case we have no current use case
where end user identity is required but we are interested in the first
two types of client identity.
mobile: +46 730 787 035