Auth Services

For the moment, web services uses session based authentication. So the client application must keep track of session id and cookies between requests.

The session can be established with login services:

Request

POST /login.jsp HTTP/1.1

Header

Content-Type: application/json

Body

{
  "username": "admin",
  "password" : "secret"
}

The authentication data is sent in the body of the request.

Returns response with HTTP status 200 if login success otherwise returns HTTP status 401.

Only relevant headers and request body is shown.

Logout

Request

GET /logout HTTP/1.1

The login response returns session cookies which should be tracked by client application.

Some libraries that can keep track of sessions: