Authentication and Authorization

To execute a request, authentication is required. Depending on the use case, you can select between two authentication options:

  • API key and domain filter for a direct browser/server communication.

  • Basic Authentication with Uniserv Cloud Services credentials.

Authentication with API key

For authentication, a combination of API key and domain filter is used. The API key is associated with exactly one user account. A request is deemed authenticated if both of the following applies:

  • it contains a registered, active API key, and

  • it originates from a website hosted in a permitted domain.

Prerequisites

  • In the Uniserv CONNECT Portal, an API key must have been generated for each user account.

  • In the Uniserv CONNECT Portal, a list of permitted domains (at least one) must have been specified.

Parameters

For the call, the following argument must be set in the HTTP request header:

  • X-Auth-Token - This argument must contain the API key of the corresponding user account. The REST service will use this key for authentication.

For more information see API Key

Authentication with Basic Authentication

For authentication use your credentials of your user account in the form of Basic Authentication. For more detailed information, see RFC 2617 p. 5f https://www.ietf.org/rfc/rfc2617.txt.