4 Replies Latest reply on Sep 3, 2017 11:42 PM by niharika1108

    Basic Authentication for API calls

    chrisadp

      I'm trying to make a basic authentication API request,

      http://login:pass@sample.jiveon.com/api/core/v3/search/contents?filter=search(test)

      but am getting back a 401 unauthorized error.  If I manually login to sample.jiveon.com and log in with non-sso, the request works fine.  Is it possible to authenticate for each request made to jive?

        • Re: Basic Authentication for API calls
          chrisadp

          To clarify, AFTER I log in at jive, the API call can be made. 

           

          Another example is if I am not logged in at community.jivesoftware.com, this request says I'm a guest.

          https://community.jivesoftware.com/api/core/v3/people/@me

           

          If I am logged out, this doesn't give user detail information.

          https://login:pass@community.jivesoftware.com/api/core/v3/people/@me

           

          after I've logged in at community.jivesoftware.com,

          community.jivesoftware.com/api/core/v3/people/@me

          will give me user details.

           

          This seems like basic authentication does not work?

            • Re: Basic Authentication for API calls
              matthewo

              Hey Chris Kim!

               

              Basic Authentication isn't quite going to work the way you're imagining with your username and password in the URI.  You're seeing results when you hit that API endpoint in your browser if you log into the site manually because at that point, you have an authenticated session available.  If you try and use your username and password as part of the URI like you would if connecting to an FTP host for example, you won't be authenticated.

               

              To work with an API you'd want to do so with a client where you can place your basic authentication credentials within the request headers as a base-64 string.  The details don't matter too much as a client typically would take care of that for you.  You could use cURL for example or PowerShell, which is my preferred method in my Windows environment (you can really create some powerful scripts and functions with PowerShell).

               

              I'd start with a search for how to use cURL, PowerShell or another client for connecting to a server/API.

               

              If you're interested in PowerShell, I could give you the basics on how to write a script for basic authentication access.

               

              Cheers!

              Matt