Auth Services

For the moment, web services uses session based authentication. So the client application must keep track of session id and cookies between requests.

The session can be established with login services:

Login

Request
POST /login.jsp HTTP/1.1
{
  "username": "admin",
  "password" : "secret"
}

The authentication data are sent in the request header’s body.

Returns response with HTTP status 200 if login success otherwise returns HTTP status 401.

Only relevent headers and request body is shown.

Logout

Request
GET /logout HTTP/1.1

The login response returns session cookies which should be tracked by client application.

Some of the libraries that can keep track of sessions: