This article talks alot about authentication and authorization, but only considers a user who is logged in.
What about a guest user? A user who just installed your app or opened your website. They don't have an account, nor are they willing to login just to view some content. Neither the Google Auth service, as that requires the user to give you their Google account before doing anything
Not entirely sure I understand your point in the context of APIs. For sites and apps, sure there is a non-logged in state, but securing applications is a whole other topic with its own unique concerns :).
For APIs, even free ones, the vast majority now require at least some form of sign up and auth to prevent abuse or misuse.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
This article talks alot about authentication and authorization, but only considers a user who is logged in.
What about a guest user? A user who just installed your app or opened your website. They don't have an account, nor are they willing to login just to view some content. Neither the Google Auth service, as that requires the user to give you their Google account before doing anything
Not entirely sure I understand your point in the context of APIs. For sites and apps, sure there is a non-logged in state, but securing applications is a whole other topic with its own unique concerns :).
For APIs, even free ones, the vast majority now require at least some form of sign up and auth to prevent abuse or misuse.