web:http:authorization

About

authorization is a header that contains credentials to authenticate a user known also as Authentication entry.

Syntax

In the request, you would see the following [header|header]]

Authorization: CredentialType <token>

Type and Authentication entry

Basic

The basic authentication value contains the password credentials

Example:

Authorization: Basic dXNlcjpwYXNzd29yZA==

ie where:

Basic means basic authentication
dXNlcjpwYXNzd29yZA== is the password credentials encrypted in base64

Digest

Authentication - HTTP Digest Access Authentication

Bearer

A bearer is a token with a free form format. The format is known only from the application.

Example:

Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6ImFQY3R3X29kdlJPb0VO
ZzNWb09sSWgydGlFcyIsImtpZCI6ImFQY3R3X29kdlJPb0VOZzNWb09sSWgydGlFcyJ9.eyJhdWQiO
iJodHRwczovL21hbmFnZW1lbnQuY29yZS53aW5kb3dzLm5ld............

sso_key

Authorization: sso_key key:value
Authorization: sso_key e902odRf8RFKz_Pmn2CTwRZjdcdUg3abAoCe:QotBm9tBasNdRU22PjGnju

Glossary

Bearer-Only

When an authentication is bearer-only, it means that the authentication requires a authorization header.

¹⁾

Authorization HTTP