...
- Basic Auth
- API keys
- Cookie (Manual)
Basic Auth (Insecure)
If you are just testing a simple case and would like to use your Clowder credentials directly (instead of an API key), you can pass your Clowder credentials using Basic Auth:
| Code Block | ||
|---|---|---|
| ||
$ curl -XPOST 'localhost:9000/api/users/keys?name=testkey' --basic -u 'YourUsername:YourPassword'
{"name":"testkey","key":"257be5f9-e685-4dec-8bed-c4c9dccb0b92"}
|
NOTE: We recommend using API keys over embedded credentials, as it allows you to more easily revoke access in cases where the system has been compromised.
WARNING: Using this auth method will leave your password in your bash history in plaintext (e.g. try running history | grep basic)
SECURITY WARNING: NEVER use Basic Auth without HTTPS - your credentials will be submitted in plaintext, and anyone sniffing the network traffic can see your password.
User API Keys (Recommended)
...
| Code Block | ||
|---|---|---|
| ||
$ curl -XPOST 'localhost:9000/api/users/keys?name=testkey' --basic -u 'YourUsername:YourPassword'
{"name":"testkey","key":"257be5f9-e685-4dec-8bed-c4c9dccb0b92"}
|
You can then attach this key as a query string parameter named key for all subsequent API requests, instead of needing to reauthenticate manually and attaching another cookie.
...