Basic Auth
From DreamFactory
(Created page with "### Tutorial DreamFactory 2.0 supports Basic HTTP Authentication both via Authorization request header and URL. ### API Endpoints #### Using Authorization request header <...") |
|||
| (13 intermediate revisions by 5 users not shown) | |||
| Line 1: | Line 1: | ||
| − | + | DreamFactory supports [https://en.wikipedia.org/wiki/Basic_access_authentication Basic HTTP Authentication] both via Authorization request header and URL. At a minimum, you should use HTTPS to protect credentials when using the request header, and should altogether avoid inserting credentials into URLs. | |
| − | + | === API Endpoints === | |
| − | + | ==== Using Authorization request header ==== | |
| − | + | ||
| − | + | ||
<pre>{METHOD} https://{url}/api/v2/{service}/{resource}</pre> | <pre>{METHOD} https://{url}/api/v2/{service}/{resource}</pre> | ||
| Line 19: | Line 17: | ||
</pre> | </pre> | ||
| − | + | ==== Using URL ==== | |
<pre>{METHOD} https://username:password@{url}/api/v2/{service}/{resource}</pre> | <pre>{METHOD} https://username:password@{url}/api/v2/{service}/{resource}</pre> | ||
| − | + | '''''Note:''' Basic Authentication over URL will not work for user agents that support request header (most web browsers)'' | |
| − | + | === Example - Basic Authentication via Authorization request header using JQuery Ajax call === | |
<source lang="JavaScript"> | <source lang="JavaScript"> | ||
var username = $('#username').val(); | var username = $('#username').val(); | ||
var password = $('#password').val(); | var password = $('#password').val(); | ||
| − | var url = | + | var url = 'https://foo.com/api/v2/db/_table' |
$.ajax({ | $.ajax({ | ||
| Line 50: | Line 48: | ||
</source> | </source> | ||
| − | + | === Example - Basic Authentication via URL using CURL === | |
<pre> | <pre> | ||
| − | curl | + | curl https://jdoe%40dreamfactory.com:secret@foo.com/api/v2/db/_table |
</pre> | </pre> | ||
| + | '''''Note:''' %40 = url_encode(@)'' | ||
| + | |||
| + | * Username: jdoe@dreamfactory.com | ||
| + | * Password: secret | ||
| + | * Service: db | ||
| + | * Resource: _table | ||
Latest revision as of 16:15, 13 August 2019
DreamFactory supports Basic HTTP Authentication both via Authorization request header and URL. At a minimum, you should use HTTPS to protect credentials when using the request header, and should altogether avoid inserting credentials into URLs.
Contents
API Endpoints
Using Authorization request header
{METHOD} https://{url}/api/v2/{service}/{resource}
Request Header:
Accept:application/json
Accept-Encoding:gzip, deflate, sdch
Accept-Language:en-US,en;q=0.8
Authorization:Basic {base64_encode(username + : + password)} <-- Basic Authentication
Connection:keep-alive
Content-Type:application/json
....
Using URL
{METHOD} https://username:password@{url}/api/v2/{service}/{resource}
Note: Basic Authentication over URL will not work for user agents that support request header (most web browsers)
Example - Basic Authentication via Authorization request header using JQuery Ajax call
var username = $('#username').val(); var password = $('#password').val(); var url = 'https://foo.com/api/v2/db/_table' $.ajax({ url: url, async: true, type:'GET', dataType: 'json', contentType: 'application/json', beforeSend: function(xhr) { xhr.setRequestHeader("Authorization", "Basic "+btoa(username+':'+password)); }, success: function(json){ ... }, error: function(err) { ... } });
Example - Basic Authentication via URL using CURL
curl https://jdoe%40dreamfactory.com:secret@foo.com/api/v2/db/_table
Note: %40 = url_encode(@)
- Username: jdoe@dreamfactory.com
- Password: secret
- Service: db
- Resource: _table
