What are common REST authentication methods?
Basic Authentication-
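This is the most straightforward method. The sender places a username:password pair into the request header. The pair is encoded with Base64, an encoding technique that converts the username and password into text drawn from a set of 64 characters so that it can be transmitted safely in a header. Base64 is an encoding, not encryption: anyone who sees the header can decode it, so the request has to travel over HTTPS. E.g.: Authorization: Basic bG9sOnNlY3VyZQ==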
Bearer authentication-
Also called ‘token’ authentication. The token is a cryptic string, usually generated by the server in response to a login request. E.g.: Authorization: Bearer <token>
API Keys-
Generate a key (a unique value assigned to each first-time user), then use this key the next time you try to access the system. E.g.: Authorization: Apikey 1234567890abcdef
OAuth-
OAuth is technically a method of both authentication and authorization. In this approach, the user logs into a system. That system will then request authentication, usually in the form of a token. The user will then forward this request to an authentication server. From here, the token is provided to the user, and then to the requester. Such a token can then be checked by the requester at any time, independently of the user, for validation, and it can be used over time with a strictly limited scope and age of validity.
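
The three header formats shown above (Basic, Bearer, Apikey) can be told apart and unpacked on the server side as follows. This is an added example, not code from the original post; the function names `parse_authorization` and `encode_basic` are hypothetical, and it also shows that the Basic value decodes straight back to the username and password.

```python
import base64
import binascii


def parse_authorization(header_value):
    """Classify an Authorization header value and extract its credentials.

    Returns a dict with the scheme and its fields; raises ValueError when the
    value is malformed, so a server can answer 401 instead of guessing.
    """
    scheme, _, credentials = header_value.strip().partition(" ")
    credentials = credentials.strip()
    if not scheme or not credentials:
        raise ValueError("expected '<scheme> <credentials>'")

    scheme = scheme.lower()  # HTTP auth scheme names are case-insensitive
    if scheme == "basic":
        try:
            decoded = base64.b64decode(credentials, validate=True).decode("utf-8")
        except (binascii.Error, UnicodeDecodeError) as exc:
            raise ValueError("Basic credentials are not valid Base64 text") from exc
        # Split on the first colon only: the password may contain colons.
        username, sep, password = decoded.partition(":")
        if not sep:
            raise ValueError("Basic credentials lack the ':' separator")
        return {"scheme": "basic", "username": username, "password": password}
    if scheme == "bearer":
        return {"scheme": "bearer", "token": credentials}
    if scheme == "apikey":  # scheme name as written in the post's example
        return {"scheme": "apikey", "key": credentials}
    raise ValueError("unsupported scheme: " + scheme)


def encode_basic(username, password):
    """Build the Basic header value the way a client does."""
    raw = (username + ":" + password).encode("utf-8")
    return "Basic " + base64.b64encode(raw).decode("ascii")


if __name__ == "__main__":
    # Header values taken from the examples in the post.
    for value in ("Basic bG9sOnNlY3VyZQ==",
                  "Bearer <token>",
                  "Apikey 1234567890abcdef"):
        print(parse_authorization(value))
```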