I am in the process of designing a RESTful API with best practices suggested by Apigee, which include utilizing nouns over verbs, integrating the API version into the endpoint URLs, and employing two routes per resource collection along with appropriate HTTP methods like GET, POST, PUT, and DELETE.
Currently, I am focusing on implementing a user login system, but I am uncertain about the recommended RESTful approach for user authentication. At this stage, security measures are not my priority; I am solely concentrating on the login workflow. (Future plans include integrating two-factor OAuth authentication and using HMAC, among others.)
Here are some potential approaches for handling login:
- A POST request to an endpoint such as <code>https://api...com/v1/authenticate.json</code>
- A PUT request to a URL like <code>https://api...com/v1/accounts.json</code>
- Perhaps something else I haven’t considered yet…
What is the most effective RESTful method for implementing user login?