api key and id in restful api

I have a asp net mvc web site, and I want to provide an API (json output) for some of the actions, and I'm wondering where should I use api key, api id or so.

I think I can split my api methods in two types : the ones which are simple get action, and the ones which need to be logged in my website to be called.

For the first ones, there is no need of authentication, so someone who consume my api will be allowed without any check, no need of any key for him. Is it ok ?

For second kind of actions, he will have to know the end user password (to connect). So should I use an api key for the api consumer (then check if I can trust the api consumer)? Or should I use OAuth and token mechanism (seems complicated) ? Or should I use a public开发者_如何学编程 key / private key with hmac checksum ?

I know than this kind of question appears quite often, but here I want to know what is the easiest way to handle my case, and what is useless in my case.

Thanks

For the first ones, there is no need of authentication, so someone who consume my api will be allowed without any check, no need of any key for him. Is it ok ?

Yes.

For second kind of actions, he will have to know the end user password (to connect). So should I use an api key for the api consumer (then check if I can trust the api consumer)?

That would be the easiest. Have a list of keys in your database which you would provide to your customers and then ask for the consumer to pass his key in order to identify him.