Authentication and authorization
These two terms are normally applied to sensible endpoints, where "authentication" is all about getting the information about which user executes a requests, and "authorization" checks if the authenticated user is allowed to request a resource.
Authentication providers
Based on your authentication method you can choose from the following available providers (all implementing the ServiceStack.Auth.IAuthProvider interface):
- Basic providers: These providers depend on a registered
ServiceStack.Auth.IAuthRepositoryimplementation to ensure authentication:ServiceStack.Auth.CredentialsProvider: You can obtain an authenticated session, by posting a username and a password (either via query string parameters or JSON payload) to/auth/credentials.ServiceStack.Auth.BasicAuthProvider: Adding an HTTP headerAuthorization(according to RFC 1945 for HTTP 1.0 and 2617 for HTTP 1.1) to the request triggers the validation of the provided credentials to obtain...
