From the course: Cisco DevNet Associate (200-901) Cert Prep 2: Understanding and Using APIs
Unlock the full course today
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
API authentication concepts
From the course: Cisco DevNet Associate (200-901) Cert Prep 2: Understanding and Using APIs
API authentication concepts
- [Instructor] Up to this point, we have not talked about security in API authentication. While there are many proprietary authentication methods, in this section, we're mainly interested in common approaches. The first approach is the HTTP basic authentication. The HTTP user agent simply provides a username and password in the header to provide the authentication credentials. This is the most simple form of authentication, and the least secure. Therefor, it is typically only used in internal network to provide a basic level of authentication. The second approach is the use of API keys. It is a uniquely generated value that is assigned to the user. This can be a static or dynamic key. A static key is typically generated once, and is valid for a specific period of time. A dynamic key is generated each session, that is, the user would authenticate to the remote service in the beginning, obtain a unique key that has an…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.