API Authentication

Hi guys,

I’m looking to build a really simple mobile application which will leverage the Xibo API (props to you guys for such an extensive API!).

When I say simple, I mean literally just showing display status and details. Maybe the ability to authorize a display.

I’m by no means an expert software engineer, but I can handle the basics. What I’m having a hard time wrapping my mind around is authentication. I want users to be able to use their xibo username and password to get a token which has their appropriate scope.

I know you support application credentials, but that would require every user to generate a clientID/Secret and enter that into the mobile app.

Is there a simpler way around this? Can the authentication be automated? For example, have it redirect to the xibo login, grant authorization, and back to the mobile app. I’ve seen that in many OAuth scenarios.

Any help is appreciated and I apologize if this is a pretty trivial question.

The application would need to be created I’m afraid.

Alternatively from your description, I wonder if just accessing the CMS on your phone, with homepage set to the Displays page would give you all the information you need - however I can see how a dedicated mobile app with less information etc would be more desirable in the end.