Data API Authentication
SingleStore's Data API uses Basic and Bearer Authentication standards.jwks_
in the engine.
To enable JWT-based authentication on SingleStore Helios,
-
Configure the JWKS endpoint.
Set the jwks_
variable on the database server.endpoint -
Make a HTTP request to the
/api/v2/jwks_
endpoint using thesetup POST
method.
A user agent can authenticate with the server by sending its credentials in an Authorization request header.username:password|JWT
.
Authorization: [Basic | Bearer] <Base-64 encoded username:password|JWT>
For example, the Basic Authorization header for the username demo
and password Afu4XjzB1ns
would appear as follows, where ZGVtbzpBZnU0WGp6QjFucw==
is the Base-64 encoding of the demo:Afu4XjzB1ns
string.
Authorization: Basic ZGVtbzpBZnU0WGp6QjFucw==
If the server requires the user agent to authenticate itself after receiving an unauthenticated request, it will respond with a 401 Unauthorized status and the WWW-Authenticate header.
Note
When using a third-party SQL client or development tool, you must first add a database user to log into a SingleStore Helios database.
Warning
As the Basic and Bearer Authentication methods transfer the username and password (or JWTs) over the network in clear text, it must be used in conjunction with HTTPS/SSL for added security.
Last modified: May 5, 2023