Basic Authentication
Hey techies,
Hope you are building some high-tech stuff.
I hope your interest in building some cool tech with Integrations brought you here 😎
This blog series is split into several parts to keep each part readable. In this series, we will discuss a generic way of integrating with various systems.
We will try to understand the concept of different industry-wide accepted Integration methodologies.
Below is the agenda of this series:
Basic Authentication:
This mechanism is a very simple challenge and response mechanism to connect two systems.
I personally love basic authentication because
- It's simple
- It's easy to implement
- It's secure (controversy alert)
How it works:
In this integration method, the server requires the user's credentials in the form of a base64-encoded string in the Authorization header.
If a client makes a request to a server that expects authentication information, the server responds with a 401 status code, a reason phrase for the error, and a WWW-Authenticate header. The web client then presents this challenge to the user by requesting a user ID and password as credentials.
The format of the WWW-Authenticate header is:
The above part is known as the Challenge part where the server challenges the web client for the authentication information.
Once the user provides the credentials, the web client encodes them as a base64 string and places them in the Authorization header of the subsequent request, as follows:
Where should this type of integration be implemented?
This type of integration is suitable between systems where the connection between client and server is secure.
NOTE: If the client already has user credentials, it can place authentication information in the first request to avoid the Challenge part.
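The challenge, the client's Authorization header and the server-side check described above, as an added Python example (not code from the original post); the realm name, function names and sample credentials are constructed for illustration. Decoding the header recovers the password unchanged, because base64 is an encoding and not encryption, which is why the connection itself has to be secure.

```python
import base64
import hmac

REALM = "integration-api"  # constructed realm name, not from the article


def challenge(realm=REALM):
    """The 401 response a server sends when valid credentials are missing."""
    return 401, {"WWW-Authenticate": f'Basic realm="{realm}"'}


def authorization_header(user_id, password):
    """Client side: 'Basic ' + base64(user_id ':' password)."""
    if ":" in user_id:
        # The first ':' separates the fields, so the user ID cannot contain one.
        raise ValueError("user ID must not contain ':'")
    token = base64.b64encode(f"{user_id}:{password}".encode("utf-8"))
    return {"Authorization": "Basic " + token.decode("ascii")}


def parse_credentials(headers):
    """Server side: return (user_id, password), or None if absent or malformed."""
    scheme, _, token = headers.get("Authorization", "").partition(" ")
    if scheme.lower() != "basic" or not token:
        return None
    try:
        decoded = base64.b64decode(token.strip(), validate=True).decode("utf-8")
    except ValueError:  # covers invalid base64 and invalid UTF-8
        return None
    user_id, sep, password = decoded.partition(":")
    return (user_id, password) if sep else None


def handle(headers, expected_user, expected_password):
    """Return (status, response headers) for a single request."""
    creds = parse_credentials(headers)
    if creds is None:
        return challenge()
    # Constant-time comparison of both fields; never short-circuit on the user ID.
    ok_user = hmac.compare_digest(creds[0].encode(), expected_user.encode())
    ok_pass = hmac.compare_digest(creds[1].encode(), expected_password.encode())
    return (200, {}) if ok_user and ok_pass else challenge()
```

A client that already holds the credentials can send the header returned by `authorization_header` on its first request and skip the challenge round trip.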
Apex Implementation Of Basic Authentication
I hope this article helped you understand the basics of basic authentication. Please share your views, comments or ideas in the comments section.
Talk to you in the next article, till then ciao !!