Rest authorization

Hi. I have to create authentication to rest controllers. The problem (i think this is a problem) is rest user should not be authorized like normal users. In fact i have ldap authentification for normal users. And for rest users there should be another authentification method because they are not using ldap. I do knot know how to get this working. Also for now i call rest controller like this: site/restcontroller/restaction/parameter1/parameter2. It is working. But then what about authorization? Do i need to send username and password with parameters in url? Where i should i keep rest user data? In database and compare it with $_get parameters?

Please advice me something because i do not have any conception.

In addition the system should be quite save.

I had to do the same thing it’s all right here:

I just added an access token field to my user table then used the QueryParamAuth method.