Show Table of Contents
2.2. HTTP Authentication
All requests to the Satellite API require a suitable user name and password. The API uses HTTP Basic Authentication [2] to encode these credentials, which are then added to the Authorization header. If a request does not include an appropriate Authorization header, the API returns a 401 Authorization Required error.
Table 2.1. Encoding Credentials for Access to an API
| Item | Value |
|---|---|
| user name | admin |
| password | changeme |
| unencoded credentials | admin:changeme |
| base64 encoded credentials | YWRtaW46Y2hhbmdlbWU= |
An API user provides the base64 encoded credentials as shown:
Example 2.1. Access to a REST API with Appropriate Credentials
HEAD [base] HTTP/1.1 Host: [host] Authorization: Basic YWRtaW46MTIzNDU2 HTTP/1.1 200 OK ...
Important
Basic authentication involves potentially sensitive information, such as passwords, sent as plain text. The REST API requires HTTPS for transport-level encryption of plain-text requests.
Important
Some base64 libraries break the result into multiple lines and terminate each line with a newline character. This breaks the header and causes a faulty request. The Authorization header requires that the encoded credentials be on a single line within the header.
[2]
Basic Authentication is described in RFC 2617 HTTP Authentication: Basic and Digest Access Authentication.
Where did the comment section go?
Red Hat's documentation publication system recently went through an upgrade to enable speedier, more mobile-friendly content. We decided to re-evaluate our commenting platform to ensure that it meets your expectations and serves as an optimal feedback mechanism. During this redesign, we invite your input on providing feedback on Red Hat documentation via the discussion platform.