Basic Authentication


What is Basic Authentication

Expense passes credentials using HTTP Basic Authentication to authenticate with the application connector. By default Basic Authentication mechanism provides a request encoded with Base64 String over Hypertext Transfer Protocol Secure (HTTPS), a communications protocol for secure communication. The Basic Authentication implementation is the simplest technique for enforcing access controls to web resources because it doesn't require cookies, session identifier and login pages. Rather the Basic Authentication uses static, standard HTTP headers which means that no handshakes.

The Authorization header is constructed as follows:

  • Username and password are combined into a string "username:password".
  • The resulting string is then encoded using the variant of Base64 String.
  • The authorization method and a space i.e. "Basic " is then put before the encoded string.

For example, if the user agent uses 'Aladdin' as the username and 'open sesame' as the password then the header is formed as follows:

Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==


Last Update: 06/2016


About Concur

Concur Blog

Contact




Concur is a leading provider of integrated travel and expense management solutions. More

  • 601 108th Ave NE, Suite 1000
  • Bellevue, WA 98004 USA
  • Phone: 800 401 8412
  • Fax: 425 590 5999

2016 © All Rights Reserved.

Privacy Policy

|

Terms of Use

|

API Deprecation Policy