Child pages
  • Authentication
Skip to end of metadata
Go to start of metadata

LinkSmart® LocalConnect offers token-based and basic authentication for services with an HTTP API. The token issuing and validation is done using one of the supported authentication providers.


Providers

Currently supported providers:


Terminology

  • Authentication Server - a service issuing and validating tokens to authenticated clients for configured services, e.g., cas
  • Authentication Token - a token issued by the Authentication Server for authentication to the Service
  • Client - a client authenticating to the Service
  • Service - a service authenticating the Client by the means of the provided Authentication Token


Token-Based Authentication

In token-based authentication implemented in LinkSmart® LocalConnect, Client sends an Authentication Token issues by the Authentication Server to the Service on each request. The Service then validates the given token to grant access.


Authenticated Request

The Authentication Token is sent in the Authorization request header field using the Bearer method. For example:

GET /rc/resources HTTP/1.1
Host: localhost
Authorization: Bearer QXV0aGVudGljYXRpb25Ub2tlbg==


Basic Authentication

In basic-authentication implemented in LinkSmart® LocalConnect, Client sends the authentication credentials to the Service on each request. The Service exchanges the credentials with the Authentication Server for an Authentication Token. It then validates the issued token to grant access.

Basic Authentication should only be used if the requests are encrypted (i.e using HTTPS).


Authenticated Request

The credentials (base64 encoded username:password) is sent in the Authorization request header field using the Basic method. For example:

GET /rc/resources HTTPS/1.1
Host: localhost
Authorization: Basic dXNlcjEyMzpnVVJQNzQ=

  • No labels