Answer the question
In order to leave comments, you need to log in
What HTTP headers should be used to send a login and digital signature?
Interested in the names of the headers or the rules by which they should be chosen in order to meet the least number of problems.
For example, simple "Username" (for login) and "Digest" (for signing the content of the request) will do? Or maybe there are standard names for them?
Answer the question
In order to leave comments, you need to log in
There is an Authorization header that is quite suitable for this, in which you can pass all the necessary parameters.
For example
Authorization: MyAuthType username="test", signature="W7bdMZbv9UWOTadASIQHagZyirA="
A similar authentication method is used in MAC Access Authentication for OAuth v2
better use X-
This set of top-level media types is intended to be substantially
complete. It is expected that additions to the larger set of
supported types can generally be accomplished by the creation of new
subtypes of these initial types. In the future, more top-level types
may be defined only by a standards-track extension to this standard.
If another top-level type is to be used for any reason, it must be
given a name starting with "X-" to indicate its non-standard status
and to avoid a potential conflict with a future official name.
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question