Users
There are four ways to authenticate a user:
- atNone ("AuthType": "atNone")
- atUser ("AuthType": "atUser")
- POST/API/Users/Authwithcookie
- POST/API/Users/Authwithtoken
|
1. atNone ("AuthType": "atNone")
If the parameter AuthType is set to atNone, there is no authentification and the user is taken from the connection string in appsettings.json file.
2. atUser ("AuthType": "atUser")
If the parameter AuthType is set to atUser, the user and password are send at each connection to create the connection string.
2.1 Example for Advanced REST client:
Selected Basic authorisation allows you to send username and password in a request header.
You can also enter in the service HEADER:
authorization: Basic XXXXXXXXXXXX
where XXXXXXXXXXXX is base64-encrypted username: password
You can also use other authentication method that is allowed by the client aplication.
3. POST/API/Users/Authwithcookie
This API generates a cookie atCookie ("AuthType": "atCookie") for autorisation in the .json format.
User and password will be sent in the .json format.
{
"username": "string",
"password": "string"
}
Expiration in minutes is specified in the parameter "CookieExpiresMinutes": 2,
4. POST/API/Users/Authwithtoken
This API gnerates a token atToken ("AuthType": "atToken",) in the .json format needed for the autorisation in each API service call.
{
"username": "string",
"password": "string"
}
User and password will be sent in the .json format.
Selected Bearer authorization allows you to send an authentication token in the authorization header using the 'bearer' method.
You can also add the token in the service HEADER.
authorization: Bearer xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Token expiration in days: "TokenExpiresDays": 1,
Tokens can be structured as JWT or JSON Web Tokens (https://jwt.io/).