在我看来，服务器端将使用某种API来开放对用户数据的访问.最简单的方法是随每个请求一起发送存储的用户名和密码.仅当您使用的连接是安全的(https)时才起作用，这会带来获取ssl证书的麻烦.

It sounds to me as if the server side will be some sort of API that opens up access to a users data. The easiest method would be sending along a stored username and password with each request. This would only work if the connection your using is secure (https) which brings in the hassle of obtaining an ssl certificate.

另一个选择是使用OAuth，尽管您的用例似乎与标准OAuth用例有些不同. OAuth是一种协议，该协议使用基于令牌的系统来建立用户权限，以允许另一个应用程序从一个应用程序访问某些数据.在您的情况下，您将同时控制第一个和第二个应用程序(因此，我的评论与标准用例不同)请阅读此处以获取更多信息.

Another option would be using OAuth, though your use case seems a little bit different than the standard OAuth use-case. OAuth is a protocol that uses a token based system to establish a users permission to access certain data from an application by another application. In your case you would be in control of both the first and the second application (hence my remark on being different than the standard use-case) Read here for more info.