By default, the OAuth 2 token that is generated in an Apigility app expires in 1 hour. Upon expiry, the client is expected to use the refresh token to get a new access token. You can see this when you authenticate via a POST to /oauth as you get this response back:
If you need longer than 1 hour, then simply add this top level configuration setting:
'zf-oauth2' => [
'access_lifetime' => 7200,
The access_lifetime key controls the expiry… continue reading.
I have a client that's writing an Apigility API that needs to talk to a database that's already in place. This also includes the users table that is to be used with Apigility's OAuth2 authentication. Getting Apigility's OAuth2 integration to talk to a specific table name is quite easy. Simply add this config:
'storage_settings' => array(
'user_table' => 'user',
To the relevant adapter within zf-mvc-auth => authentication config. However, if you want to use different column names, that's a bit… continue reading.
A few days ago, techPortal published my tutorial Create a RESTful API with Apigility. Apigility was announced at ZendCon US in October 2013 and I think that it looks like a useful tool for creating APIs. I particularly like that versioning is built in from the start and that it handles content negotiation. If you want to learn about Apigility, then have a read. The source code is available on GitHub.
At ZendCon 2013, Zend announced Apigility which is intended to ease the creation of APIs. It consists of these things: A set of ZF2 modules that do the heavy lifting of creating an API A application wrapper for creating standalone web API applications A built-in administration website for use in development to define the API Rather nicely, it supports REST and RPC and deal with error handling, versioning & content negotiation for you. Getting started… continue reading.