Authentication methods

These sections below describe the available authentication methods in Xapix and the combination of schemes and credentials that are required.

API Token authentication

API Token authentication uses an API key provided by a client when making API calls. It is a stateless authentication scheme where each request to a server must have a signed token which is used to verify user authenticity. Once verified, the server then responds to the request.

To create API Token authentication:

Cookie authentication uses HTTP cookies to authenticate client requests and maintain session information. The authentication is set in an API key token.

To create Cookie authentication:

Bearer Token authentication

Bearer Token authentication uses security tokens called bearer tokens for HTTP authentication. These type of tokens are cryptic strings usually generated by the server in response to logins. This string must be provided in the authorization header when making requests to protected resources , for example in a cURL command --header 'Authorization: Bearer API_Key'.

To create Bearer Token authentication:

Basic authentication

Basic authentication is a simple authentication method that is part of the HTTP protocol. It requires a valid base64-encoded username:password string.

To create Basic authentication:

OAuth2 authentication

OAuth2 authentication uses an authentication server to communicate with an API server to grant access. It can be either "one-legged" (for use with non-sensitive data) or "three-legged" (for sensitive data).

To create OAuth2 authentication:

AWS Signature V4 authentication

AWS Signature V4 authentication is a process that adds authentication information to AWS requests sent by HTTP. It requires security credentials which are username/password pairs.

To create AWS Signature V4 authentication: