REST service authentication

Question

What are the best practice for implementing authentication for REST apis?

Using BASIC auth + SSL or something like http://tools.ietf.org/html/draft-hammer-http-token

Answer 1

You should look into Security Token Service or STS.

Check out these links for more information:

Off-the-shelf Security Token Service (STS) that uses ASP.NET membership provider?

http://msdn.microsoft.com/en-us/library/ee517259.aspx