Since the introduction of REST API v2 with eZ Publish 5.0, two a= uthentication methods are supported: session, and basic.
As of eZ Platform the default authentication method is Session-based as = this is needed for UI.
This authentication method requires a Session cookie to be sent with eac= h request.
If this authentication method is used with a web browser, this session c= ookie is automatically available as soon as your visitor logs in. Add it as= a cookie to your REST requests, and the user will be authenticated.
It is also possible to create a session for the visitor if they aren't l=
ogged in yet. This is done by sending a POST request to =
/user/sessions. =
Logging out is done using a DELETE request on the same resource.
More information
To enable HTTP Basic authentication, you need to edit app/config/<=
span>security.yml, and add/uncomment the following block. Not=
e that this is enabled by default.
ezpublish_rest:
pattern: ^/api/ezp/v2
stateless: true
ezpublish_http_basic:
realm: eZ Publish REST API=20
Basic authentication requires the username and password to be sent = (username:password), based 64 encoded, with each request, as expla= ined in RFC 2617.
Most HTTP client libraries as well as REST libraries do support this met= hod one way or another.
GET / HTTP/1.1 Host: api.example.com Accept: application/vnd.ez.api.Root+json Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ=3D=3D=20