Handle Authentication

Business Analytics Development and APIs : MashZone NextGen APIs : MashZone NextGen REST API : Handle Authentication

Requests can be anonymous to have Business Analytics treat the user as a guest. To send anonymous requests, include the x-p-anonymous Business Analytics header/parameter in the URL or as an HTTP header.

In all other cases, the first request to Business Analytics must supply user identity information. This creates a standard HTTP session. What is required in the initial request depends on how authentication is configured in Business Analytics.

For authentication with SSO (single sign-on solution) or SSL with digital certificates, user identity information is supplied by those solutions. No additional authentication information is required in the request.

For authentication using basic credentials, you must use the REST API method to login to create a Business Analytics session and authenticate the user. This adds a cookie with session information which is then included in all subsequent requests. You can also use the REST API method to logout and end the session or simply let the session expire (based on Business Analytics timeout configuration).

http://app-server:port/presto/edge/api/rest/UserManagerService/login?presto_username=username&presto_password=pw

Both parameters must be in clear text.

Successful logins set a session cookie and return an XML response in the form:

<?xml version="1.0"?>
<ServiceResponseObject>
<version>2.0</version>
<appId></appId>
<sid>UserManagerService</sid>
<svcVersion>1.0</svcVersion>
<oid>login</oid>
<response
>
<authToken>Token is set as HTTP cookie</authToken>
</response>
<errorCode></errorCode>
<invId></invId>
<header/>
<serviceHeaders/>
</ServiceResponseObject>

Unsuccessful logins return a simple text response: Authentication failed.Userid:someName.

Logout: use this URL:

http://app-server:port/presto/edge/api/rest/UserManagerService/logout

Contact Support | Community | Feedback