API authentication

Hi, my application has an API server which supports a Rails application and an iPhone application. I am confused about how to authenticate the API requests: whether I have to generate some API tokens for every user and send them with each request. I also don't know how to use the access/secret keys for authentication.

Please help me out

You can have a short look at the OAuth2 protocol; it's simple but should have many implementations in Ruby. Here is draft-ietf-oauth-v2-20, a really boring doc, but once you have read it, you'll know everything about these secret/keys :wink:

John Senthil wrote in post #1011816:

Hi, my application has an API server which supports a Rails application and an iPhone application. I am confused about how to authenticate the API requests: whether I have to generate some API tokens for every user and send them with each request. I also don't know how to use the access/secret keys for authentication.

There are likely a few ways you could handle this. However, given this is an iPhone app, NSURLConnection has full support for HTTP cookies, so you could authenticate the user exactly like a browser would. That is, by sending the username and password to the sessions controller (over HTTPS, of course).

Once authenticated, NSURLConnection will send the session cookie back to the server with every subsequent request. This could be completely transparent to the user of the device. That is, once they sign in for the first time, at which point the iPhone app stores their login credentials in the secure keychain. If you get a session timeout, then re-authenticate with the username/password stored in the keychain.

http://s3.amazonaws.com/pragmaticstudio/iPhoneOnRails.pdf
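The session-cookie flow described in the post above, sketched in Ruby as an added example that is not part of the original thread. `FakeServer`, `ApiClient`, their methods and the credentials are hypothetical, constructed stand-ins for the Rails sessions controller, the cookie handling and the keychain.

```ruby
require "securerandom"
# Constructed stand-in for the Rails sessions controller plus one API action.
class FakeServer
  USERS = { "alice" => "s3cret" }.freeze # constructed; a real app checks a password hash

  def initialize
    @sessions = {} # session id => username
  end

  def login(username, password) # the sign-in request (HTTPS in a real app)
    return [401, nil] unless USERS[username] == password
    sid = SecureRandom.hex(16) # unguessable session id returned as the cookie
    @sessions[sid] = username
    [200, sid]
  end

  def profile(cookie) # an API request carrying the session cookie
    user = @sessions[cookie]
    user ? [200, "profile of #{user}"] : [401, nil]
  end

  def expire_all! # simulate a server-side session timeout
    @sessions.clear
  end
end

# Client side: plays the cookie-jar and keychain roles from the post.
class ApiClient
  attr_reader :logins
  def initialize(server, username, password)
    @server, @cookie, @logins = server, nil, 0
    @keychain = { username: username, password: password }
  end

  def get_profile
    sign_in if @cookie.nil?
    status, body = @server.profile(@cookie)
    if status == 401 # session expired: re-authenticate once, then retry
      sign_in
      status, body = @server.profile(@cookie)
    end
    raise "request failed (#{status})" unless status == 200
    body
  end

  private
  def sign_in
    status, cookie = @server.login(*@keychain.values_at(:username, :password))
    raise "login rejected" unless status == 200
    @cookie = cookie
    @logins += 1
  end
end
```

The retry happens only once per request, so a rejected login raises instead of looping against the server.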