search

Basic Authentication

When invoking MAT APIs, no login flow is required, but a credential exchange is still necessary. Using Basic authentication, you must provide your credentials with every request you make.

For this type of authentication to be accepted by the various services, they must be enabled to use it. Additionally, all accepted users and their respective permissions need to be configured. Note that for each user, the following information must be specified:

  • client_id: this is the username, identifying the user making the request;

  • client_secret: this field represents the secret associated with the user;

  • permissions: each user must be assigned the relevant permissions.

The link below provides access to a section detailing the entire procedure for configuring services for Basic authentication and user setup.

https://40factory.gitbook.io/ae-guide/webapp/configurare-la-basic-auth40factory.gitbook.iochevron-right

To send any request using Basic authentication, you must include the following field in the request Header:

Here, the string "yourBase64EncodeOfClientId:ClientSecret" must be replaced with the Base64 encoding of your credentials (username and password) separated by the : symbol. Below is a Python script to generate your Basic authentication string.

Script for encoding your credentials in Base64 and generating the Basic token.

Note that some software used to make HTTP requests allows you to select an authentication method and automatically handles the complexity of encoding credentials. In such cases, you only need to input your username and password in their unencoded form.

POSTMAN - Example of an interface that automatically handles credential encoding and adds the authorization string to the request headers.
PreviousEdge CaseNextEndpoints Description