Basic Auth
From DreamFactory
DreamFactory supports Basic HTTP Authentication both via Authorization request header and URL. At a minimum, you should use HTTPS to protect credentials when using the request header, and should altogether avoid inserting credentials into URLs.
Contents
API Endpoints
Using Authorization request header
{METHOD} https://{url}/api/v2/{service}/{resource}
Request Header:
Accept:application/json
Accept-Encoding:gzip, deflate, sdch
Accept-Language:en-US,en;q=0.8
Authorization:Basic {base64_encode(username + : + password)} <-- Basic Authentication
Connection:keep-alive
Content-Type:application/json
....
Using URL
{METHOD} https://username:password@{url}/api/v2/{service}/{resource}
Note: Basic Authentication over URL will not work for user agents that support request header (most web browsers)
Example - Basic Authentication via Authorization request header using JQuery Ajax call
var username = $('#username').val(); var password = $('#password').val(); var url = 'https://foo.com/api/v2/db/_table' $.ajax({ url: url, async: true, type:'GET', dataType: 'json', contentType: 'application/json', beforeSend: function(xhr) { xhr.setRequestHeader("Authorization", "Basic "+btoa(username+':'+password)); }, success: function(json){ ... }, error: function(err) { ... } });
Example - Basic Authentication via URL using CURL
curl https://jdoe%40dreamfactory.com:[email protected]/api/v2/db/_table
Note: %40 = url_encode(@)
- Username: [email protected]
- Password: secret
- Service: db
- Resource: _table
