Authentication

Version 4 of our API uses http digest for authentication over both http, and optionally https. While http digest is great for authentication and security it does involve a challenge and its response, which doubles the request overhead.

To overcome the challenge response all API Kits 'pre compute' the challenge and send a fully formed digest header with each query. This speeds up requests and ensures web service queries can be answered in one reply.   Auth Digest at Wikipedia
To pre-compute the digest we set the realm to 'APIv4' and the nonce (from the server) to 'APIv4', then follow the [ RFC-2617] calculation for the auth digest header (which is more easily grock'd from the Wikipedia page above).

Still need help? Contact Us Contact Us