I'm building an API to be able to encrypt and store data through my main website and the sub ones, where I want to post users' passwords along with a special identifier when they sign up to my main website (I have an algorithm to encrypt the password - texts in general), and when they try to login again, a backend function communicate with my main website posting the password through a router page to hide the http function URL, the main page backend will process the password to see if it matches the stored and encrypted password, and respond with a http 200 response, and response with http 403 forbidden if the request was sent from any domain other than mine, or in other cases when the API key is wrong, then, if the site receives the ok http 200 response, a backend code will generate a session token and return it to the front end, somewhat similar to what "login with Google" or Facebook offer, but with my own API.
Now I have a few questions:
1. How can I improve the overall logic or the methods with faster processing, easier methods with the security being the main concern.
2. If I opened the API for integration with others with a subscription plan, who would buy a subscription to encrypt their data in this way?
3. How can I scale the use of this functionality to get more customers and profits?
Even if you don't have an answer, leave your thoughts about this topic, feedback is greatly appreciated 😊
Ahmad
Can you explain the reason behind this project? I'm not sure to understand. Security and password management is a very sensitive topics. To be honest, I'm glad Wix is taking that out of my plate. I don't want to worry about identification and authentification, it such a mess! So why would someone use such API? :) Also there are trusted provider like Google, Auth0,... as you mention so why coming up with another solution?