Authenticate
Description
Logs the user on to the server and returns the LW-SSO, Light Weight Single Sign On cookie (and QCSession cookie in versions earlier than 2020) for use with all subsequent requests.
URL
/Admin/rest/authentication-point/authenticate
If you are using a multi-tenancy system (versions 2020 SP2 and later), the tenant Unique ID should be added to the URL in the format: /Admin/rest/authentication-point/authenticate?tenant=tenant_UID
Example:
GET /Admin/rest/authentication-point/authenticate?tenant=fa128c06-5436-413d-9cfa-9f04bb738df3
Remarks
To create the request header, encode the string "<user name>:<password>" using Base64. The request header text is "Authorization: Basic <encoded user:password>".
In the header of each request after authentication, your application passes the cookies returned by the authenticate resource.
When your application has completed its work, call logout to release the log-on and session.
For versions earlier than 2020: The tokens time out according to the System Administration settings from Application Lifecycle Management, by default after one hour of inactivity. The LW-SSO token is self-contained.
HTTP Method
GET: Returns the LW-SSO cookie (and QCSession cookie in versions earlier than 2020).
Request
Headers:
Authorization: Basic <encoded user:password>
Cookies:
None
Request Body:
None

GET /Admin/rest/authentication-point/authenticate Authorization: Basic c2E6
Response
Headers:
None
Cookies:
Version 2020 (or later) | LWSSO_COOKIE_KEY={LwssoCookie}; |
Versions earlier than 2020 | LWSSO_COOKIE_KEY={LwssoCookie};QCSession={QCSessionCookie}; |
HTML Return Code:
One of the HTTP Return Codes
HTML Body:
None
See Also