Basic Authentication

This page describes different Basic Authentication setups, covering several prevalently used services. This page also attempts to show how to interpret the web pages describing the authentication.

  • Shopify
    • Shopify is typical of a lot of services which use Basic Authentication.
  • Mailchimp
    • Mailchimp is another service which uses standard Basic Authentication.
  • JIRA / Atlassian
    • Another typical Basic Authentication service.
  • Pepperi
    • This illustrates how to specify additional header parameters used to authenticate with an application.

Shopify

Shopify, the model citizen, use Basic Authentication for their private apps.

https://help.shopify.com/en/api/getting-started/authentication/private-authentication#make-authenticated-requests

Key Facts

  • Uses the standard 'Authorization' header field.
  • Prepend the base-64 encoded string with 'Basic'.

IMan Setup

Use User/Pass - Yes, we need to pass the API Key & Password as a Base64 String.

User Id - API Key

Password - Password

Header Token - Authorization

Authentication Prefix - Basic

Additional Tokens - None

Mailchimp

Mailchimp uses Basic Authentication as described in the following section from their guide.

https://developer.mailchimp.com/documentation/mailchimp/guides/get-started-with-mailchimp-api-3/#authentication

Key Facts

  • Enter any string as the username.
  • Supply your API Key as the as the password.

IMan Setup

Use User/Pass - Yes, we need to pass any string as user and API Key as password.

User Id - Any value.

Password - The API Key

Header Token - Authorization

Authentication Prefix - Basic

Additional Tokens - None

JIRA / Atlassian

https://developer.atlassian.com/cloud/jira/platform/jira-rest-api-basic-authentication/

Key Facts

  • Supply an 'Authorization' header with content Basic followed by the encoded string.
  • Prepend the base-64 encoded string with 'Basic'.

IMan Setup

Pepperi

Pepperi uses a slightly more elaborate authentication means, and the wording is not so easy to decipher.

'These applications authenticate with Pepperi through basic HTTP authentication'

https://developer.pepperi.com/content/authentication

Create as a private application.

Key Facts

  • Using user name 'TokenAuth'.
  • API Token becomes the Password.
  • '+ Your App Consumer Key' as the 'X-Pepperi-ConsumerKey' header value.

Use User/Pass - Yes, we need to pass the API Key & Password as a Base64 String.

User Id - TokenAuth

Password - The API Key

Header Token - Authorization (nothing was mentioned in the documentation)

Authentication Prefix - Basic (nothing was mentioned in the documentation)

Additional Tokens - X-Pepperi-ConsumerKey=<Your App Consumer Key>