Basic Auth
From DreamFactory
(Created page with "Ambulance Officer Amado Cherrington from Sardis, has several pursuits including backgammon, Web Hosting and car. Intends to quit work and take the family to lots of the notewo...") |
|||
| (14 intermediate revisions by 5 users not shown) | |||
| Line 1: | Line 1: | ||
| − | + | DreamFactory supports [https://en.wikipedia.org/wiki/Basic_access_authentication Basic HTTP Authentication] both via Authorization request header and URL. At a minimum, you should use HTTPS to protect credentials when using the request header, and should altogether avoid inserting credentials into URLs. | |
| + | |||
| + | === API Endpoints === | ||
| + | |||
| + | ==== Using Authorization request header ==== | ||
| + | |||
| + | <pre>{METHOD} https://{url}/api/v2/{service}/{resource}</pre> | ||
| + | Request Header: | ||
| + | <pre> | ||
| + | Accept:application/json | ||
| + | Accept-Encoding:gzip, deflate, sdch | ||
| + | Accept-Language:en-US,en;q=0.8 | ||
| + | Authorization:Basic {base64_encode(username + : + password)} <-- Basic Authentication | ||
| + | Connection:keep-alive | ||
| + | Content-Type:application/json | ||
| + | .... | ||
| + | </pre> | ||
| + | |||
| + | ==== Using URL ==== | ||
| + | |||
| + | <pre>{METHOD} https://username:password@{url}/api/v2/{service}/{resource}</pre> | ||
| + | |||
| + | '''''Note:''' Basic Authentication over URL will not work for user agents that support request header (most web browsers)'' | ||
| + | |||
| + | === Example - Basic Authentication via Authorization request header using JQuery Ajax call === | ||
| + | |||
| + | <source lang="JavaScript"> | ||
| + | var username = $('#username').val(); | ||
| + | var password = $('#password').val(); | ||
| + | var url = 'https://foo.com/api/v2/db/_table' | ||
| + | |||
| + | $.ajax({ | ||
| + | url: url, | ||
| + | async: true, | ||
| + | type:'GET', | ||
| + | dataType: 'json', | ||
| + | contentType: 'application/json', | ||
| + | beforeSend: function(xhr) { | ||
| + | xhr.setRequestHeader("Authorization", "Basic "+btoa(username+':'+password)); | ||
| + | }, | ||
| + | success: function(json){ | ||
| + | ... | ||
| + | }, | ||
| + | error: function(err) { | ||
| + | ... | ||
| + | } | ||
| + | }); | ||
| + | </source> | ||
| + | |||
| + | === Example - Basic Authentication via URL using CURL === | ||
| + | |||
| + | <pre> | ||
| + | curl https://jdoe%40dreamfactory.com:secret@foo.com/api/v2/db/_table | ||
| + | </pre> | ||
| + | '''''Note:''' %40 = url_encode(@)'' | ||
| + | |||
| + | * Username: jdoe@dreamfactory.com | ||
| + | * Password: secret | ||
| + | * Service: db | ||
| + | * Resource: _table | ||
Latest revision as of 16:15, 13 August 2019
DreamFactory supports Basic HTTP Authentication both via Authorization request header and URL. At a minimum, you should use HTTPS to protect credentials when using the request header, and should altogether avoid inserting credentials into URLs.
Contents
API Endpoints
Using Authorization request header
{METHOD} https://{url}/api/v2/{service}/{resource}
Request Header:
Accept:application/json
Accept-Encoding:gzip, deflate, sdch
Accept-Language:en-US,en;q=0.8
Authorization:Basic {base64_encode(username + : + password)} <-- Basic Authentication
Connection:keep-alive
Content-Type:application/json
....
Using URL
{METHOD} https://username:password@{url}/api/v2/{service}/{resource}
Note: Basic Authentication over URL will not work for user agents that support request header (most web browsers)
Example - Basic Authentication via Authorization request header using JQuery Ajax call
var username = $('#username').val(); var password = $('#password').val(); var url = 'https://foo.com/api/v2/db/_table' $.ajax({ url: url, async: true, type:'GET', dataType: 'json', contentType: 'application/json', beforeSend: function(xhr) { xhr.setRequestHeader("Authorization", "Basic "+btoa(username+':'+password)); }, success: function(json){ ... }, error: function(err) { ... } });
Example - Basic Authentication via URL using CURL
curl https://jdoe%40dreamfactory.com:secret@foo.com/api/v2/db/_table
Note: %40 = url_encode(@)
- Username: jdoe@dreamfactory.com
- Password: secret
- Service: db
- Resource: _table
