Simultaneous multiple authentication sources for API

Adam Che

When requiring authentication for API endpoints, I saw you could set up and select any table, however, you can only choose one option. I have both a User and a Employee table. Some of my endpoints will be used for both my user and enterprise websites, so I want a way to have multiple simultaneous authentication sources.

What is the best way to do this?

1. Is there a way to do this with the standard setup?
2. Does it make sense to make some type of bridge or shared table that could somehow be used to authenticate both types in the cases where it is necessary?
3. Should I make duplicate endpoints for the employee enterprise website when needed?
4. Is it better to pass the auth token as a parameter (not using the standard setting) and also pass in the user type as a param and then add functions to the stack handling either case?

What are your thoughts?

Ray Deck

Rather than managing auth in a more complex way, I would have separate endpoints that use common functions. That way you have the endpoint manage the authentication concern and turn that into context that you feed to the function. The function only has to worry about doing the business logic job.