Authentication
Keepeek REST API is stateless. The access to DAM resources is restricted to authenticated users. There are two ways to authenticate.
X-KPK-CLIENT-ID corresponding to an ui can be added in headers to check user right access on this ui.
X-KPK-CLIENT-ID = '9b2321ab-acd5-11eb-9c13-b07b254d250d' to check user right access on ui with client-id 9b2321ab-acd5-11eb-9c13-b07b254d250d
Basic authentication
Client application sends user credential using HTTP header Authorization. Header value is computed as follow :
- Concatenate user login and password using ":" separator. encode resulting string in base64 (RFC 4648)
Base64("login:password") = bG9naW46cGFzc3dvcmQ=
- Append the base64 encoded string to the basic authentication prefix
Basic bG9naW46cGFzc3dvcmQ=
Full HTTP header is: Authorization: Basic bG9naW46cGFzc3dvcmQ=
/!\ Basic authentication should not be used over an unsecure channel as it passes user's credential in clear text.
See RFC 2617 for more details
JWT authentication
This kind of authentication needs platform configuration, please refer to your Keepeek Project Manager to configure your platform. A secret has to be shared between Keepeek and your organization.
Some examples of JWT token provider can be find on : https://jwt.io/
Full HTTP header is: Authorization: Bearer <jwt token>>