Wednesday, July 30, 2014

HMAC authentication option recommended for API users

It is now possible to access the LocalBitcoins API using HMAC authentication instead of OAuth 2. This new authentication method is more suitable and secure for your own scripts and non-distributed applications. We suggest to use it whenever possible.

API tokens will now also reset on account security changes. If you change your password or if you enable login guard or two-factor authentication, the API access credentials are reseted. This means deleting all API clients, tokens, and authentications.

In the future, console authorization of OAuth 2 will be disabled and all who use API for scripting access are recommended to migrate to HMAC authentication.

Please see the API documentation for instructions how to update your scripts and API clients.

No comments:

Post a Comment