3.2. Using HTTP Authentication

All requests to the Satellite API require a suitable user name and password. The API uses HTTP Basic Authentication [1] to encode these credentials, which are then added to the Authorization header. If a request does not include an appropriate Authorization header, the API returns a 401 Authorization Required error.


Basic authentication involves potentially sensitive information, such as passwords, sent as plain text. The REST API requires HTTPS for transport level encryption of plain text requests.
Some base64 libraries break encoded credentials into multiple lines and terminate each line with a newline character. This invalidates the header and causes a faulty request. The authorization header requires that the encoded credentials be on a single line within the header.