Developing a simple JavaScript client using the Alfresco REST API - Authentication over Alfresco

Document created by alfresco Employee on Mar 16, 2017Last modified by alfresco Employee on Mar 27, 2017
Version 3Show Document
  • View in full screen mode

This content is part of the tutorial describing how to develop a very simple JavaScript client using the Alfresco 5.2 REST APIs. In this document is described how to authenticate over Alfresco using the Alfresco REST API. To better describe the tasks, we are going to use “a step by step“ approach, more practical and easy to follow for our goal.

 

Talking about authentication, there are two possibile ways to authenticate over Alfresco: with Basic Authentication and using a ticket. The second one should be preferred in many use cases but we are going to introduce both, for a complete description.

 

Using the Basic Authentication

 

The first method of authentication over Alfresco is the Basic Authentication using directly the REST call of the service you are going to use. In the image below, we can see this method of authentication using Postman directly on a REST call.

 

 

Alfresco 5.2 REST APIs support the Basic Authentication as the simplest technique for enforcing access controls to web resources. In practical cases, especially when a lot of REST calls are done in the same application or page, the number of session opened into Alfresco could be out of control and a "ticket based" approach should be preferred.

 

Using the Authentication REST APIs to get a ticket

 

Ticket-based authentication is not new to Alfresco. It's based on a REST call to a specific service, to return a string representing a new session created in the system. The string should be passed to the next REST calls, to reuse the same session and optimise the resources on the server. For further information and details about the user identity, please read here.

 

In the brand new Alfresco 5.2 REST APIs all the requested services to manage the authentication are available. You can also know more about authentication using the Alfresco API Explorer, directly into your environment. Below an screenshot showing how the Alfresco API Explorer look like about authentication.

 

 

Now that we know more about authenticating into Alfresco using the ticket, let's see how to get it using the Alfresco 5.2 REST APIs and Postman.

 

 

In the next task, we are going to start using the JavaScript client and seeing in practice how it works.

 

Next task - Introducing the JavaScript client to list nodes. >>

Attachments

    Outcomes