Hi!
I have a couple of questions regarding auth mechanisms supported for Trello REST API:
- Does Trello only support OAuth 1.0? Is OAuth 2.0 support expected in the future?
- The Trello documentation points to 2 endpoints:
1/authorize/, and the set mentioned in this section. I might be missing something very basic here, but I want to know if the 1/authorize/ method is only to get familiar with the APIs, and not recommended to be used while authorizing users via a website? Do they follow different auth mechanisms?
TIA
Yes, Trello only supports OAuth1.0. We don’t currently have any plans to support OAuth2.0.
The 1/authorize method is intended to be used for all authorization needs. For instance, it is used by the Trello Chrome Extension: https://chrome.google.com/webstore/detail/trello/dmdidbedhnbabookbkpkgomahnocimke?hl=en.
Either 1/authorize or OAuth1.0 can be used to authorize users via a website.
1 Like
Is it safe to use 1/authorize route? The token is passed to user’s side, and no backend participate in the token generation procedure via secret value.