Photo by Fabian Blank on Unsplash


This is a continuation of Part 1 here. In part 1, I wrote a wrapper to call Citibank's API. In this part of the tutorial, I call the RESTful wrapper services that I wrote in part 1 to give users an interface to see their accounts and transfer funds to external accounts.


Photo by William Iven on Unsplash

Can a $5-a-month virtual server run an OAuth2 Server? My virtual server has been my testbed for many IoT projects that make Web API calls to the web services that I have developed. None of these were as secure as I want them to be because I have never gone around implementing an OAuth2 server. Instead, I had mostly depended on POST with username and password to authenticate a user. This is not optimum and definitely not elegant. How do I even sleep at night!?

My $5-a-month virtual server runs PHP and MySQL, so I set out to find out if a PHP implementation of an OAuth2 server will allow me to authenticate my Web API calls. B. Shaffer's OAuth2 PHP Library is what I used: https://bshaffer.github.io/oauth2-server-php-docs/, and this is a documentation of how I did it.

What I Did