How to make secure authorization with vkontakte for html5 applications running via iframe?

Created an application that works through websocket. At the moment, authorization through cookies, I want to finally start working with vkontakte api. The whole guide reread anywhere is not described a simple way to identify the user. I just need a unique user key, under which I save its settings on the server in the xml file. It is necessary that this unique key, it was impossible to send a substitution, I think it should be well implemented in VK api.

For the future, those who will look for my question: the client side:

var auth = findGetParameter("auth_key"); if (auth) { var id =findGetParameter("user_id"); socket.send('9'+'|'+auth+'.'+id ); }

getta function

 function findGetParameter(parameterName) { var result = null, tmp = []; var items = location.search.substr(1).split("&"); for (var index = 0; index < items.length; index++) { tmp = items[index].split("="); if (tmp[0] === parameterName) result = decodeURIComponent(tmp[1]); } return result; }

server (pkhp):

 $auth_key = md5('Фашайдиприложения' . '_' . $id . '_' . 'ФашЗащитный ключ'); if($auth_key==$auth) //пропускаем создаем пользователей

    1 answer 1

    Yes, there is. About auth_key and how to check it can be read in detail here .
    It, exactly like other necessary data, is transmitted when entering the application as GET parameters.

    • Thank you very much, I was completely lost in the abundance of documentation VC. As soon as I understand, I will choose the answer. - Sergey