/auth: Last updated 2022-10-05 14:45:09 by Conrad Wood

Authentication


There are multiple ways to authenticate a web client:

  1. depending on the useragent, a basic authentication will be trigged if required. For example “wget”.
  2. If the url contains a a parameter “apikey”, it’s value will be taken as a token and authentication attempted with it. For example: https://www.singingcat.net?apikey=footoken
  3. form based authentication. A client will be authenticated with a form if no other means of authentication is available.
  4. send a Header “Authorization” and as its value “Bearer [yourtoken]”

Where a username/password combination is required, one can use any one of the below:

  1. userid@token.yacloud.eu + usertoken
  2. email + password