I wanted to get advice on opening up a Rails application to allow an external service to make REST calls to my service. Currently, REST calls are only made securely through the out of the box Rails security. However, I would like to open all of those to external users via an API.
For example, right now people can create blog posts once creating an account and logging in. However, I would to be able to allow a third party to be able to create users and then allow blog posts for users by making API calls.
I am hoping to get an idea of what are the possibilities and what will keep it the secure as possible.