Basic Auth

From DreamFactory
Jump to: navigation, search
(Example - Basic Authentication via URL using CURL)
(Example - Basic Authentication via URL using CURL)
Line 48: Line 48:
 
</source>
 
</source>
  
=== Example - Basic Authentication via URL using CURL ===
+
=== Basic Authentication via URL using CURL ===
 +
 
 +
Requires HTTPS to avoid sending clear text credentials.
  
 
<pre>
 
<pre>
curl http://jdoe%40dreamfactory.com:[email protected]/api/v2/db/_table
+
curl https://jdoe%40dreamfactory.com:[email protected]/api/v2/db/_table
 
</pre>
 
</pre>
 
'''''Note:''' %40 = url_encode(@)''
 
'''''Note:''' %40 = url_encode(@)''

Revision as of 18:55, 30 June 2016

DreamFactory supports Basic HTTP Authentication both via Authorization request header and URL.

API Endpoints

Using Authorization request header

{METHOD} https://{url}/api/v2/{service}/{resource}

Request Header:

 Accept:application/json
 Accept-Encoding:gzip, deflate, sdch
 Accept-Language:en-US,en;q=0.8
 Authorization:Basic {base64_encode(username + : + password)}    <-- Basic Authentication
 Connection:keep-alive
 Content-Type:application/json
 ....

Using URL

{METHOD} https://username:[email protected]{url}/api/v2/{service}/{resource}

Note: Basic Authentication over URL will not work for user agents that support request header (most web browsers)

Example - Basic Authentication via Authorization request header using JQuery Ajax call

var username = $('#username').val();
var password = $('#password').val();
var url = $('#url').val();
 
$.ajax({ 
    url: url,
    async: true,
    type:'GET',
    dataType: 'json',
    contentType: 'application/json',
    beforeSend: function(xhr) {
        xhr.setRequestHeader("Authorization", "Basic "+btoa(username+':'+password));
    },
    success: function(json){
        ...
    },
    error: function(err) {
        ...
    }
});

Basic Authentication via URL using CURL

Requires HTTPS to avoid sending clear text credentials.

curl https://jdoe%40dreamfactory.com:[email protected]/api/v2/db/_table

Note: %40 = url_encode(@)