Recall & Review
beginner
What is Basic Authentication in REST APIs?
Basic Authentication is a simple method to secure REST APIs by sending a username and password encoded in Base64 with each request.
beginner
How is the username and password sent in Basic Authentication?
They are combined as 'username:password', then encoded using Base64, and sent in the HTTP header as 'Authorization: Basic <encoded_string>'.
intermediate
Why is Basic Authentication considered insecure over plain HTTP?
The Base64-encoded credentials can be easily decoded if intercepted, so Basic Authentication should only be used over HTTPS, which encrypts the connection.
intermediate
What HTTP status code does a server return when Basic Authentication fails?
The server returns a 401 Unauthorized status code and includes a 'WWW-Authenticate' header to prompt the client for credentials.
beginner
How does a client include Basic Authentication credentials in a REST API request?
The client adds an HTTP header: 'Authorization: Basic <Base64 encoded username:password>'.
What does the 'Authorization' header contain in Basic Authentication?
Basic Authentication sends 'Authorization: Basic <Base64 encoded username:password>'.
Why should Basic Authentication be used only over HTTPS?
Base64 encoding is just encoding, not encryption, so credentials can be intercepted if not sent over HTTPS.
What HTTP status code indicates failed Basic Authentication?
401 Unauthorized means the client must provide valid credentials.
How are username and password combined before encoding in Basic Authentication?
They are combined as 'username:password' before Base64 encoding.
Which header does the server send to request Basic Authentication credentials?
The server sends the 'WWW-Authenticate' header to ask the client for credentials.
Explain how Basic Authentication works in REST APIs.
Think about how credentials are sent and protected.
Describe why Basic Authentication is not secure on its own and how to improve its security.
Focus on the difference between encoding and encryption.