Web Service Authentication

Spectrum™ Technology Platform web services can be configured to allow access only to authenticated users. When developing a client application that will access such a web service, you will need to add program code that will add authentication to every web service request if Spectrum's authentication is turned on.

We provide two methods of authentication: basic and token.

With Basic authentication, the user ID and password are passed to Spectrum™ Technology Platform in the HTTP header of each request to the web service. Basic authentication is allowed by default, but your administrator may choose to disable Basic authentication. If Basic authentication is disabled you must use token-based authentication to access web services.

With token-based authentication, the requester obtains a token from the Spectrum™ Technology Platform server, then uses the token when sending a request to the web service. Instead of sending user credentials in each request, the token is sent to the server and the server determines if the token is valid.

Token authentication is more secure than basic authentication. By default the server will be installed allowing both basic and token authentication for web services.

For examples of how authentication is used, we provide downloadable JAXB (Java) and .NET sample code. Find them on the Spectrum Spatial Sample Applications page. For the authentication settings and instructions, see preference.java or preference.cs for the web service you are interested in (Feature, Mapping, Geometry, NamedResources).

For more information on authentication, see Web Service Authentication.