Basic API Authentication
Overview
Basic authentication is the simplest form of API authentication you can use. To start, an application sends an authorization request. This request contains a header that begins with the word Basic and a space. After that, it includes a base64 encoded string of the end-user’s username:password. Since you use username and password, this type of authentication is user-based.
When creating basic authentication in Unqork, you can enter your username:password combination. Let’s say you set up a basic authorization of your own. You enter unqorkDemo for your username and 123zyx for your password. Your authorization header looks like this: Authorization: Basic dW5xb3JrRGVtbzoxMjN6eXg=.
Strings are easily encoded to and decoded from base64 using any free online tool. Though your basic authentication credentials use base64 encoding, they’re not encrypted. Because of this, only use basic authentication with other security mechanisms such as HTTPS/SSL.
What You'll Learn
In this article, you'll learn how to:
Setting Up Basic Authentication
To use basic authentication, you must set up a new service. Unqork automatically encodes your username and password entries into the base64.
To add a new service with basic authentication:
| 1. | Click the Administration tab at the top right of the screen. |
| 2. | Under Integration, click Services Administration. |
| 3. | Select Basic Auth from the Type of authentication drop-down menu. |
| 4. | Enter your username and password in the appropriate fields. |
Now, when Unqork attempts to authenticate with that server, it automatically sends over the Authorization header. The Authorization includes the base64 encryption of your username:password combination.
Testing Basic Authentication
Before using your new authentication, try testing it to see if it works properly. Similar to other API authentication methods, you'll test your service integration. You can test your new integration by making an API call in any module. You can also test your integration using an external tool such as Postman. If your API call is successful, your authentication is running smoothly. But, if you receive a 401 not authorized response error message, your authentication wasn't set up correctly.
