Authentication using username and password

From PlanFix
Jump to: navigation, search

The preferred method of authentication uses a token; authentication with username and password is used for reverse compatibility, so as not to disrupt existing client applications.

When authenticating with username and password, each request must contain a basic HTTP authentication header with an API Key, and the sid field must be in the body. The sid is the session returned when the auth function is executed

Session keys are valid for one hour.

In the basic authentication header, the API key is used as the username, and the password is left blank.

Example using curl

curl -H 'Accept: application/xml' -H 'Content-Type: application/xml' \
-u 4db09df5a62a8a32a9522fcac02d3c6f: -k -d '<request>...</request>'

Information for when creating the header yourself. The basic authentication header looks as follows:

Authorization : Basic NGRiMDlkZjVhNjJhOGEzMmE5NTIyZmNhYzAyZDNjNmY6WA==

where after Basic comes: base64('ApiKey:');

Go To