Authenticating to a REST API

Question 1

What is authentication

Answer 1

the act of verifying the user’s identity.

Question 2

What is Authorization

Answer 2

the user proving that they have the permissions to perform the requested action on that resource.

Question 3

Describe Basic authentication

Answer 3

also known as Basic Auth, uses the standard Basic HTTP authentication scheme. Basic Auth transmits credentials as username/password pairs separated with a colon ( : ) and encoded using Base64.

Question 4

What is this an example of

Authorization: Basic :

Answer 4

Basic authentication

Question 5

What is Bearer Authentication

Answer 5

also known as Token Authentication, uses the standard Bearer HTTP authentication scheme. It is more secure than Basic Authentication and is typically used with OAuth (to be discussed later) and Single Sign-On (SSO). Bearer Authentication uses a bearer token, which is a string generated by an authentication server such as an Identity Service (IdS).

Question 6

What is this an example of

​ Authorization: Bearer

Answer 6

Bearer authentication

Question 7

What is an API key

Answer 7

also referred to as an API Token, is a unique alphanumeric string generated by the server and assigned to a user.

Question 8

What are the two types of API keys

Answer 8

Public and private api keys

Question 9

What is Open Authorization

Answer 9

also known as OAuth, combines authentication with authorization. OAuth was developed as a solution to insecure authentication mechanisms. With increased security compared to the other options, it is usually the recommended form of authentication/authorization for REST APIs.

Question 10

What is flow

Answer 10

This process of obtaining the token is called a flow.