Authentication

Authentication options are described in the Authentication section.

When ADS is configured to use authentication, any request without authentication headers, or with invalid credentials, will return HTTP 401 Unauthorized.

Authentication parameters are sent in the authorization header. For example, in basic authentication, this consists of the string Basic followed by a base64-encoding of a concatenation of the username, a : (colon) character, and the password.

Most HTTP clients will have a more convenient method of entering this information, for example,

curl --data @request.json -H content-type:application/xacml+json http://localhost:8080/authorize -H authorization:Basic\ YWRzLXVzZXI6c2VjcmV0

is equivalent to

curl --data @request.json -H content-type:application/xacml+json http://localhost:8080/authorize -u ads-user:secret

Refer to the documentation of the client for details.