Logs the user on to the server and returns the LW-SSO, Light Weight Single Sign On cookie (and QCSession cookie in versions earlier than 2020) for use with all subsequent requests.
If you are using a multi-tenancy system (versions 2020 SP2 and later), the tenant Unique ID should be added to the URL in the format:
To create the request header, encode the string "<user name>:<password>" using Base64. The request header text is "Authorization: Basic <encoded user:password>".
In the header of each request after authentication, your application passes the cookies returned by the authenticate resource.
When your application has completed its work, call logout to release the log-on and session.
For versions earlier than 2020: The tokens time out according to the System Administration settings from Application Lifecycle Management, by default after one hour of inactivity. The LW-SSO token is self-contained.
GET: Returns the LW-SSO cookie (and QCSession cookie in versions earlier than 2020).
Authorization: Basic <encoded user:password>
GET /Admin/rest/authentication-point/authenticate Authorization: Basic c2E6
|Version 2020 (or later)|
|Versions earlier than 2020|
HTML Return Code:
One of the HTTP Return Codes