Best way to pass User Credentials To Rest Service

Question

I am building REST Service which will provide Authentication functionality( Connects To LDAP to Authenticate user Credentials).What is the best way to pass user credentials to REST. Is that best practice to send user credentials in Request body (POST), if not what are the best practices for this kind of scenarios.

Have you seen this? http://stackoverflow.com/a/26778123/1426227 — cassiomolin, Oct 14 '16 at 14:04

score 0 · Answer 1 · answered Oct 14 '16 at 13:51

0

There are several ways to do this. Amazon has a pretty interesant method of authentication that uses headers with timestamp tokens with symmetric passwords. I used this one as a model to design a solution at the company that i work for.

Here is the link. Its pretty easy to implement:

http://docs.aws.amazon.com/AmazonS3/latest/dev/RESTAuthentication.html

answered Oct 14 '16 at 13:51

fefedo

11
4

My understanding from above document is Securing REST API ,Basically I am not looking for securing REST API rather my REST API will act as Authentication(LDAP) as a Service. correct me if i am wrong. still is the best way to pass credentials in header by encrypting username/password. – aap Oct 14 '16 at 14:09

Best way to pass User Credentials To Rest Service

1 Answers1