Is two-legged oAuth the right answer for a simple API?

I'm writing an API where partners will ingest my content. There is no user data to speak of, and it's all-or-nothing access. I'd eventually like to be ab开发者_JAVA百科le to restrict some partners to certain elements of the site, but that's down the road.

Does a two-legged oAuth fit my needs well, or should I just provide an API key and a secret key to use in signing the requests? I feel like oAuth might be overkill.

Thanks!

This blog post is a little old, but has some good info.

http://blog.apigee.com/detail/do_you_need_api_keys_api_identity_vs._authorization/

It sounds like an API key would be your best bet for now...who knows, you may never need oAuth, but you could always migrate to it in the future.