I have read a few articles on the subject, but I am just looking for some more advice really.
I have a WordPress site with a login functionality and user database on that site.
What I need to do is allow a 3rd party application to authenticate details which it receives against my WordPress database.
I was thinking the best way to do this would be by sending the data to a REST API, but security wise I cannot think how I can return a successful login without this being easily duplicated by a user.
I have read about oAuth and HMAC, but am not sure which route I should be going down.
Any help greatly appreciated, thanks.
Ian
WordPress provides the XML-RPC API for this stuff. That’s what the iPad/iPhone apps use.
Check out the Codex.
For more general info, there’s the Wikipedia entry, http://en.wikipedia.org/wiki/XML-RPC.