auth_api
This pluggable module provides API key based authentication service. When this module is enabled, users may generate and use API keys to authenticate themselves when accessing various API application endpoints.
Currently, the API key may be provided via one of the following methods:
The
Authorization
HTTP header.You may provide your API key by adding
Authorization
HTTP header to your requests. Following forms are accepted:Authorization: abcd1234 Authorization: key abcd1234 Authorization: token abcd1234
The
api_key
orapi_token
parameter of the HTTPPOST
request.You may provide your API key as additional HTTP parameter
api_key
orapi_token
of yourPOST
request to particular application endpoint. UsingGET
requests is forbidden due to the fact that request URLs are getting logged on various places and your keys could thus be easily compromised.
Provided endpoints
/auth_api/<user_id>/key-generate
Page enabling generation of new API key.
Authentication: login required
Authorization:
admin
Methods:
GET
,POST
/auth_api/<user_id>/key-delete
Page enabling deletion of existing API key.
Authentication: login required
Authorization:
admin
Methods:
GET
,POST