Starting your header for different authentication types

Many HTTP devices and servers support basic authentication for executing HTTPGet(), HTTPPost(), or HTTPPut() requests. However, many also require additional parameters for proper server authentication. If you receive a 401 error with your request, you must provide credentials such as a username and password, hash, or token to authenticate with the server before sending or receiving data. The 401 error message often provides additional information about the authentication method you should use.

NOTE:

Regardless of the authentication mode, Campbell Scientific data loggers do not support caching with a cookie.

NOTE:

It is generally best to set the header in your CRBasic program just before sending the HTTP request. This allows useful information from the server to be stored as part of a server, which can then be parsed in your data logger program for further use.

Authentication methods are discussed in the following sections:

Plain text authentication

  1. Your data logger sends the username and password in the URI/URL request.

  2. The server accepts the request.

Example URI/URL:

http://username:password@http.server.address

Basic authentication

  1. Your data logger connects to the web server and sends its username and password encoded as Base64.

  2. The server then processes the request.

Use this format:

“Authorization: Basic QWRtaW4=:UGFzc3dvcmQ=”

Avoid this format:

“Authorization: Basic Admin:Password”

To easily convert your username and password into Base64, you can use online tools like Base64 Guru.

https://base64.guru/converter/encode/text

To convert, enter your username or password, then click Encode. For example, encoding "Admin" results in QWRtaW4=. When using Basic Authentication with Base64, always separate the username and password with a colon (:).

Digest authentication

(See example code in HTTPPost() digest authentication example.)

Digest Process Summary:

If you are using this method, start with our sample code and modify it for use with the HTTP server you are communicating with.

  1. The client asks for the HTTP resource and returns a 401 error with the authentication realm and a nonce (a "number used once").

  2. The data logger reads the error message and parses out the realm and nonce.

  3. The data logger creates a hash using the username, password, realm, and nonce.

  4. The data logger sends another HTTPGet() to the server with the hash in the request's header.

  5. The server validates the hash and grants access.

Example Header:

"Authorization: Digest xx-XXXXXX"

See HTTPPost() digest authentication example for example code.

Bearer (token) authentication

(See example code in HTTPGet() bearer (token) authentication example.)

  1. The data logger makes the HTTP Request specifying Bearer in the Header, followed by a token (a hash).

  2. The Server accepts the request.

Example Header:

"Authorization: Bearer xx-XXXXXX"