I'm tired of wasting brain cycles figuring out whether a given vendor requires you to sign your query before or after you URL encode your parameters and I am fed up with vendors who insist on using interactive user credentials to authenticate API calls. Here's a set of standards that I think should be in place for any REST authentication scheme.<p>I'm tired of wasting brain cycles figuring out whether a given vendor requires you to sign your query before or after you URL encode your parameters and I am fed up with vendors who insist on using interactive user credentials to authenticate API calls. Here's a set of standards that I think should be in place for any REST authentication scheme. </p>