Skip to end of metadata
Go to start of metadata

Basic Authentication

NetLicensing supports HTTP Basic Authentication (via SSL) relying on the client's username and password to be added in the request.
In order to access secured REST services with HTTP Basic authentication, client applications have to set the HTTP Authorization header's value to: Basic <base64_encoded_username_password>. UTF-8 is the default decoding charset; therefore, the value must also have been encoded with the same charset.

Icon

In case of unauthorized access, HTTP response with status code 403 will be returned.

API Key Identification

NetLicensing also supports API Key Identification to allow limited API access on vendor's behalf.
Leveraging API Key improves security by:

  • Reducing the need to store sensitive credentials on the client side
  • Limiting the set of possible operations which can be done with a particular key
  • Defining fine-grained access rules for critical services (for example: a token is only valid for one service invocation within the next 5 minutes)

Access to the REST services with an API Key is the same as with Basic Authentication, except that username is fixed to the value "apiKey" (without quotation marks) and the actual API Key should be provided in the password field. Use of the API Key does not grant access to any account information, and is not used for authorization.

API Key request example

API Key can be obtained via the NetLicensing Management Console or using the API token service.

Check the services documentation to determine which security mechanisms are allowed for particular NetLicensing service.