Sign inTry Free

Data API Authentication

SingleStore's Data API uses Basic Authentication, which is a simple authentication standard available within HTTP. With this authentication scheme, a user agent authenticates with the server by sending its credentials (username and password) in an Authorization request header. The Authorization header contains the authentication method Basic followed by a space and then the authentication information constructed from a Base-64 encoded string username:password.

Authorization: Basic <Base-64 encoded username:password>

For example, the Basic Authorization header for the username demo and password Afu4XjzB1ns would appear as follows, where ZGVtbzpBZnU0WGp6QjFucw== is the Base-64 encoding of the demo:Afu4XjzB1ns string.

Authorization: Basic ZGVtbzpBZnU0WGp6QjFucw==

If the server requires the user agent to authenticate itself after receiving an unauthenticated request, it will respond with a 401 Unauthorized status and the WWW-Authenticate header.

Warning

As the Basic Authentication method transfers the username and password over the network in clear text, it must be used in conjunction with HTTPS/SSL for added security. The production usage of SingleStore's Data API should only take place with SSL (HTTPS) enabled to ensure that the authentication information is secure.

Last modified: May 5, 2023

Was this article helpful?

Was this article helpful?

Verification instructions

Note: You must install cosign to verify the authenticity of the SingleStore file.

Use the following steps to verify the authenticity of singlestoredb-server, singlestoredb-toolbox, singlestoredb-studio, and singlestore-client SingleStore files that have been downloaded.

You may perform the following steps on any computer that can run cosign, such as the main deployment host of the cluster.

  1. (Optional) Run the following command to view the associated signature files.

    curl undefined

  2. Download the signature file from the SingleStore release server.

    • Option 1: Click the Download Signature button next to the SingleStore file.

    • Option 2: Copy and paste the following URL into the address bar of your browser and save the signature file.

    • Option 3: Run the following command to download the signature file.

      curl -O undefined

  3. After the signature file has been downloaded, run the following command to verify the authenticity of the SingleStore file.

    echo -n undefined |
        cosign verify-blob --certificate-oidc-issuer https://oidc.eks.us-east-1.amazonaws.com/id/CCDCDBA1379A5596AB5B2E46DCA385BC \
          --certificate-identity https://kubernetes.io/namespaces/freya-production/serviceaccounts/job-worker \
          --bundle undefined \
          --new-bundle-format -
    Verified OK