Autentisering mot API-tjänster
Generally authentication is done by adding a Authorization HTTP header to the request. Access is authorized using CAS. Once authenticated a session key is returned which can be used instead to decrease round-trips to and load on the CAS server.
CAS Proxy authentication
The format of the Authorization header for CAS proxy authentication is:
Authorization: X-KTH-VC (cas-proxy)<data>
Where <data> is the proxy ticket recieved from the CAS server.
The format of the Authorization header to use an existing session is
Authorization: X-KTH-VC (session)<data>
Where <data> is the session key previously recieved from the API server.