Basic Authentication is used to pass Campus LDAP Application Account information down to the backend Web API Services. This information allows the backend Web API Services to determine if there are any special handling needs for the client and adjust it's processing accordingly. For example, an application from the College of Engineer may only be allowed access to student information from the College of Engineering. These credentials allow for that filtering to take place.

Security Overview Diagram

Where To Get It

To get a Campus LDAP Application Account, you'll need to request one using the guidance found in the Campus LDAP Accounts (Application vs Functional) page.

Usage

On calls that require client application information to be sent to the backend Web API Service a Basic Authentication header will be present. That Basic Authentication header can be setup using the UCSBNetID and password of the Campus LDAP Application Account.

Using the example, on Students - Student Registrations, click on the Authorize button:

accessing the employee map API

Enter your API Key information. Follow the Security - API Key Usage guidance if needed.

Enter the Campus LDAP Application Accounts UCSBNetID as the username and the Password as the password and then click Authorize.

entering your basic authentication

Next, click on /registrations/v1/registrations/{perm} to expand the operation and see it's details. On the right side, click on Try it out in order to make the perm field editable.

entering your basic authentication

Fill in the perm field with a Perm number, and click Execute to try out the request.

You should receive a response similar to this:

[
  {
    "perm": "1234567",
    "quarter": "20074",
    "classLevelCode": "FR",
    "classificationCode": "N",
    "regStatusCode": "R",
    "feeStatusCode": "P",
    "objLevelCode": "U",
    "registeredPaidFlag": "Y",
    "eapReciprocityFlag": "N",
    "studyLoadStatus": "F",
    "studyLoadUnits": 16
  },
  {
    "perm": "1234567",
    "quarter":

Note: The above response is fictitious because there is no perm 1234567.

cURL Output

For completeness, you can scroll down to the cURL area to view the full HTTP Request sent via cURL. Your Basic Authentication header is actually called Authorization, in the form Authorization: Basic base64encoded(username:password). There are websites online that can also help you if you are base64 encoding your credentials properly (base64encode.org).

entering your basic authentication

Future Plans (OAuth)

The campus is working on a long term strategy to make OAuth available in order to authenticate all campus identities (People and Applications). When that capability becomes available, we will be converting over the Campus API Gateway to use the Campus OAuth system for authenticating applications and securing APIs. We don't see this happening in the near term, but it's definitely on the long term roadmap.