2.2. HTTP Authentication

An API user submits a mandatory Red Hat Enterprise Virtualization Manager username and password with all requests to the API and uses HTTP Basic Authentication [2] to encode these credentials. If a request does not include an appropriate Authorization header, the API sends a 401 Authorization Required as a result:

Example 2.1. Access to the REST API without appropriate credentials

HEAD [base] HTTP/1.1
Host: [host]

HTTP/1.1 401 Authorization Required

Request are issued with an Authorization header for the specified realm. An API user encodes an appropriate Red Hat Enterprise Virtualization Manager domain and user in the supplied credentials with the username@domain:password convention.

Table 2.1. Encoding credentials for access to the API

Item Value
username rhevmadmin
domain domain.example.com
password 123456
unencoded credentials rhevmadmin@domain.example.com:123456
base64 encoded credentials cmhldm1hZG1pbkBibGFjay5xdW1yYW5ldC5jb206MTIzNDU2

This table shows the process for encoding credentials in base64.
An API user provides the base64 encoded credentials as shown:

Example 2.2. Access to the REST API with appropriate credentials

HEAD [base] HTTP/1.1
Host: [host]
Authorization: Basic cmhldm1hZG1pbkBibGFjay5xdW1yYW5ldC5jb206MTIzNDU2

HTTP/1.1 200 OK


Basic authentication involves potentially sensitive information, such as passwords, sent as plain text. REST API requires Hypertext Transfer Protocol Secure (HTTPS) for transport-level encryption of plain-text requests. See Section 2.1, “TLS/SSL Certification” for more information.


Some base64 libraries break the result into multiple lines and terminate each line with a newline character. This breaks the header and causes a faulty request. The Authorization header requires the encoded credentials on a single line within the header.