Integrations - REST - One Hash to access all collections

Jason Buck asked on June 1, 2017 09:05

Is there a way to Authenticate a user and then have 1 hash that can access all collection URL's.

I am using Kentico 10 documentation states this "Restrictions: Only works for GET requests (read only data retrieval) You cannot use hash parameter authentication for /all object retrieval requests (/rest/<object type>/all). " On this page https://docs.kentico.com/k10/integrating-3rd-party-systems/kentico-rest-service/configuring-the-rest-service

So I am assuming NO. So if I authenticate my user (username:password) via head base64 encoded, will that allow me to view all the collections without having to generate a hash for each page.

TIA

Jason

Recent Answers

Peter Mogilnitski answered on June 1, 2017 16:14 (last edited on June 1, 2017 16:18)

The hash parameter allows you to prepare REST requests that can be executed by unauthenticated users. Requests that contain the hash parameter ignore the credentials specified in the authentication header. This is why there are restrictions like you can use only GET and you cannot use hash parameter authentication for /all object retrieval requests. This is an intentional security limitation that protects global data in the system.

You can have 1 hash to access all the collections, but you have to enter enter the list of all URLs for all the collections!!! On top of that each URL is full absolute URL of the REST request, including the protocol, website domain name, virtual directory, REST path, and query string parameters. Do you want to do it?

So you were on the right path: create a user give him privilege level and permissions and use basic authentication.

0 votesVote for this answer Mark as a Correct answer

   Please, sign in to be able to submit a new answer.