Channel API Security

The eFTL server can authenticate channel REST requests using either basic or token authentication. For encryption, use HTTPS.

In a series of interactions, use HTTP basic authentication in the first request. If that authentication succeeds, the response includes an authentication token you can use in subsequent requests.

We clients must handle error response 401, unauthorized. This error could indicate an expired token. A cient with an expired token can obtain a new token by sending another request with basic authentication.

Basic Authentication

For HTTP basic authentication, supply a user name and password in the request, for example:

Authorization: Basic <base64(user_name:password)>

curl -u user_name:password GET http://user_name:password/chan_name/v1/REST_request

Token Authentication

For token authentication, extract the token from the HTTP header X-Auth-Token of a valid response, and supply it in subsequent requests, for example:

X-Auth-Token: token

curl -H "X-Auth-Token: token" GET http://user_name:password/chan_name/v1/REST_request

Contents

Index

Search Results

Channel API Security

Basic Authentication

Token Authentication