Your suggested change has been received. Thank you.

close
Thales Logo

All

  • All
back

Tasks

Configure Authentication Scheme

search

Please Note:

printsuggest an edit

Configure Authentication Scheme

Authentication method used to validate the identity of the application users. Currently, DPG supports Basic and Bearer schemes. If any other authentication scheme is used, DPG returns invalid authorization scheme error. DPG doesn't read or store your password. Authentication is completely managed by the Application Server.

In this scheme, username and password are passed into the Authorization request header. The username and password are encoded in Base64 format.

  1. Select the authentication scheme on the CipherTrust Manager. For instructions, refer to Managing Applications.

  2. Send the sample request to DPG as shown here: 

curl --user <username>:<password> http://<instanceip>:32082/api/sample/resource/{id}

Here, the {id} must be same as the one used in the POST request.

Caution

Ensure the application that you have created on the CipherTrust Manager is configured to use Basic as the Authentication Method.

copy link to clipboardHow it works

DPG extracts the username from the Authorization Request header and displays output to the users who are part of User Set. The following parameters are considered while revealing the data:

  • Access policy: Determines the way the output will be revealed to the users who are part of User Set.

  • Protection Policy: Determines how to protect/reveal data.

  • User: Username in the authorization header.

In this scheme, security token (a cryptic string) is granted to the application user. The application user must send this token in the Authorization request header when making any reveal request to DPG.

  1. Select the authentication scheme on the CipherTrust Manager. For instructions, refer to Managing Applications.

  2. Send the sample request to DPG as shown here: 

    curl -H "Authorization: Bearer <token>" http://<instanceip>:32082/api/sample/resource/{id}

    Here, the {id} must be same as the one used in the POST request.

    Caution

    Ensure the application that you have created on the CipherTrust Manager is configured to use Bearer as the Authentication Method.

copy link to clipboardHow it works

DPG extracts the username from the Authorization token on the basis of token field and displays output to the users who are part of User set. The following parameters are considered while revealing the data:

  • Protection policy: Determines how to protect/reveal data.

  • User: Username in the authorization header.

On this page