Authorization¶
API keys¶
Apps which want to access the API must obtain an API key. There are two methods for doing so.
- Unlocking the gateway
- HTTP basic authentification
Unlocking the gateway¶
Unlocking the gateway for a short period of time allows any app to acquire an API key via configuration API.
To unlock the gateway for 60 seconds:
- In a new browser tab open the Phoscon App
- Click on Menu → Settings → Gateway
- Click on “Advanced” button
- Click on the “Authenticate app” button
See: Phoscon App — Advanced Gateway Settings
HTTP basic authentication¶
Apps might want to receive an API key without the need that the user must unlock the gateway. This could be achieved by asking the user for the gateway username and password and handover the credentials in the Acquire API key call via HTTP basic authentification.
The API call needs to be extended with HTTP header field Authorization
as follows:
Authorization: Basic <credential-hash>
There <credential-hash> is the base64 encoded version of username:password
.