Web Services Authentication Methods
Web Services connectivity in GENESIS allows you to call REST services with various authentication mechanisms. Pick the authentication type that is supported by the REST service that you want to connect to.
GENESIS can connect to REST services supporting one of the following authentication types.
| Authentication Type | Description |
|---|---|
| None | This is an option for REST services that allow anonymous access. It does not perform any authentication with the REST service. |
| Query String | This is a non-standard authentication mechanism that passes a username and a password in clear text in a query string. This authentication method is not secure and should be avoided. |
| Basic | This is the standard basic access authentication, where the Web Services Connector provides a username and a password in the Authorization header with each call. The credentials are passed as a Base64 encoded string, built by joining the username and password with a single colon (:). This authentication method should only be used with HTTPS connections, because Base64 is an encoding, not encryption, so the credentials are effectively passed in clear text. |
| OAuth 1.0 or 1.0a | This is an older authentication protocol that is now superseded by OAuth 2.0. OAuth 1.0 is considered insecure and should be avoided. OAuth 1.0a is more secure, but it has been obsoleted in favor of OAuth 2.0. |
| OAuth 2.0 | This is an industry-standard protocol for authorization. The OAuth framework specifies several grant types for different use cases. GENESIS supports the following grant types: |
| New Technology LAN Manager (NTLM) | This is a Microsoft Windows specific authentication protocol that you can use to authenticate users and computers based on a challenge/response mechanism that proves to a server or domain controller that the user knows the password associated with an account. |
| JSON Web Token (JWT) | This method can be used for REST services that have a custom authentication flow (not OAuth 2.0), but the result of the authorization is a JWT. At minimum, the JWT must contain the `exp` (expiration time) claim, so that GENESIS can determine whether the token has expired or not. |
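
The JWT row above requires an `exp` claim so the client can tell when a token has expired. The following is an added example, not GENESIS code, of how a client can read `exp` from a compact JWT and decide when to re-authenticate; the function names, the 30-second skew and the sample token builder are assumptions made for illustration.

```python
import base64
import json
import math
import time

class TokenError(ValueError):
    """Raised when a token cannot be used for expiry-based caching."""

def _b64url_decode(segment):
    # JWT segments are base64url without padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))

def jwt_expiry(token):
    """Return the exp claim (seconds since epoch). The signature is NOT
    verified: the client only reads exp; the REST service is the verifier."""
    parts = token.split(".")
    if len(parts) != 3:
        raise TokenError("expected three dot-separated segments")
    try:
        claims = json.loads(_b64url_decode(parts[1]))
    except ValueError as err:  # covers bad base64, bad UTF-8 and bad JSON
        raise TokenError("payload is not base64url-encoded JSON") from err
    if not isinstance(claims, dict) or "exp" not in claims:
        raise TokenError("token has no exp claim")
    exp = claims["exp"]
    # exp must be a JSON number; bool is an int subclass in Python, so reject it.
    if isinstance(exp, bool) or not isinstance(exp, (int, float)):
        raise TokenError("exp is not a number")
    if isinstance(exp, float) and not math.isfinite(exp):
        raise TokenError("exp is not finite")
    return exp

def needs_refresh(token, now=None, skew=30):
    """True when the token is expired or expires within `skew` seconds
    (assumed margin for clock drift and request latency)."""
    now = time.time() if now is None else now
    return now >= jwt_expiry(token) - skew

def make_sample_jwt(claims):
    """Build a constructed sample token; the signature is a placeholder."""
    def enc(obj):
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return f"{enc({'alg': 'HS256', 'typ': 'JWT'})}.{enc(claims)}.c2ln"
```

A token without `exp` raises `TokenError` rather than being treated as valid forever, which keeps a malformed token from being cached indefinitely.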