This article describes the legacy User-based authentication. New consumers should use Client Certificate Authentication or Token Authentication instead.
Flowgear supports user authentication via Basic HTTP Authentication as well as session-based authentication.
Basic Authentication
When an endpoint is accessed through the browser for the first time, an HTTP 401 Unauthorized response will be returned which will cause the browser to present a login dialog. Once valid credentials have been captured, the browser will retain the authentication data for the remainder of the session
To programatically provide Basic Authentication, add the following HTTP Header to the request:
Authorization: Basic {base64sequence}
Where {base64sequence}
is a Base64 encoded representation of {username}:{password}
For example, myname@mycompany.com:mypassword
becomes bXluYW1lQG15Y29tcGFueS5jb206bXlwYXNzd29yZA==
.
The full HTTP Header should be provided as
Authorization: Basic bXluYW1lQG15Y29tcGFueS5jb206bXlwYXNzd29yZA==
Session Authentication
Add an authentication token to the querystring for the request using the identifier auth. For example:https://yourcompany.flowgear.io/reports/revenue/?name=specialreport&auth=9efe0254-bf16-4c2f-9278-8fa121aa92aa
The authentication token can be temporarily obtained from within the Flowgear Console. Open the Account Pane, then select About and copy the value in the Session ID Textbox. To programatically obtain an authentication token, use this request template:GET https://api.flowgear.net/users/{username}/auth/?password={password}
If the supplied username and password are correct, an authorisation token will be returned as a JSON string. For example:"9efe0254-bf16-4c2f-9278-8fa121aa92aa"