Auth Services

For the moment, web services uses session based authentication. So the client application must keep track of session id and cookies between requests.

The session can be established with login services:

Login

Request
POST /login.jsp HTTP/1.1
Header
Content-Type: application/json
Body
{
  "username": "admin",
  "password" : "secret"
}

The authentication data is sent in the body of the request.

Returns response with HTTP status 200 if login success otherwise returns HTTP status 401.

Only relevant headers and request body is shown.

Logout

Request
GET /logout HTTP/1.1

The login response returns session cookies which should be tracked by client application.

Some libraries that can keep track of sessions: