About
Provides request-specific token authorisation method for the Services module.
This means that each API request will need to have a specific HTTP header with a hash string generated from the request body.
Installation
- Enable the module.
- Edit a Services endpoint and enable Request-specific token authorisation in the Authentication section.
- On the Authentication tab, provide the Token key value, and optionally change the Token header name default value (X-Services-Token) if required.
Requirements
Note that for PHP versions < 5.6 this module will not work properly with PUT
and PATCH
requests. To fix this, a small patch for Services module is required. See #2830327: PUT and PATCH requests with PHP < 5.6
Usage
When calling a Services endpoint with request-specific token authorisation enabled, you should add the X-Services-Token
header to your request, which value should be calculated as:
$x_services_token = sha1(<token_key_value> . <request_body>);
Supporting organisations
Project information
- Minimally maintained
Maintainers monitor issues, but fast responses are not guaranteed. - No further development
No longer developed by its maintainers. - Module categories: Administration Tools, Integrations, Access Control
- 66 sites report using this module
- Created by maciej.zgadzaj on , updated
- Stable releases for this project are covered by the security advisory policy.
Look for the shield icon below.
Releases
Development version: 7.x-1.x-dev updated 2 Aug 2016 at 10:08 UTC