User authentication, Development tools, User authenticate() – BrightSign Network Web API Reference Manual v.3.8 User Manual

6

User Authentication

Credentials

Both BSN endpoints use simple username-password authentication; the username has the following format:
{AccountName/{UserLogin}. These credentials should be passed in the header of all SOAP requests according to
the corresponding SOAP specification. The complex security rules of the WS-* endpoints are defined in the WS-Security
specification. The WS-I Basic Profile, on the other hand, defines just two special elements in the message header for the
username and password.

Encoding

The WS-* endpoint is configured to use message-level encoding exposed over HTTP: Each request/response is encoded
by the application first, then wrapped by a service message and sent in plaintext over the Internet.

The WS-I Basic endpoint, on the other hand, is configured to use transport encoding, with message credentials exposed
over HTTPS: Each request/response is sent to the web server or client in plaintext; it is then encoded and transferred over
the Internet via SSL/TLS.

Development Tools

The BSN WebUI contains a simple method that can be used for configuration checks and client login dialogs:

User Authenticate()

This method validates the passed credentials and returns the corresponding User instance. Note that User credentials
should be specified in all other method calls.