88

Following the instructions at the link below, I successfully built a REST API for my Django application: http://django-rest-framework.org/tutorial/quickstart.

I can test it by doing the following from the Unix prompt:

curl -H 'Accept: application/json; indent=4' -u root:myPassword http://www.myWebsite.com/users/

It works :)

However, I would like to use the Chrome extension Advanced Rest Client to test this same functionality. I have installed the extension, but I don't know where/how to put the fields. When I make my educated-guess (as you can see in the screenshot), it rejects it saying "Authentication credentials were not provided"

screenshot of failing request

How/where should I specify my parameters to the REST API?

abraham
  • 46,583
  • 10
  • 100
  • 152
Saqib Ali
  • 11,931
  • 41
  • 133
  • 272

8 Answers8

99

The discoverability is dismal, but it's quite clever how Advanced Rest Client handles basic authentication. The shortcut abraham mentioned didn't work for me, but a little poking around revealed how it does it.

The first thing you need to do is add the Authorization header: menus

Then, a nifty little thing pops up when you focus the value input (note the "construct" box in the lower right): construct the auth value

Clicking it will bring up a box. It even does OAuth, if you want! convenient inputs

Tada! If you leave the value field blank when you click "construct," it will add the Basic part to it (I assume it will also add the necessary OAuth stuff, too, but I didn't try that, as my current needs were for basic authentication), so you don't need to do anything. fills in the field as needed

Shauna
  • 9,495
  • 2
  • 37
  • 54
  • For basic authentication - https://www.youtube.com/watch?v=1SP1hgm9JqA . In "Headers form" tab, add a header "Authorization". It will do auto-suggest once you start to type. In the value, click Edit (pencil) button and type auth credentials in the pop-up. – uutsav Mar 20 '17 at 09:52
10

From the screenshot I can see that you want to pass "user" and "password" values to the service. You have send the parameter values in the request header part which is wrong. The values are sent in the request body and not in the request header. Also your syntax is wrong. Correct syntax is: {"user":"user_val","password":"password_val"}. Also check what is the the content type. It should match with the content type you have set to your service.

pan1490
  • 939
  • 1
  • 7
  • 25
7

This seems a very old question, but I am providing an answer, so that it might help others. You can specify the variables in the second screen in the form section, as shown below or in the RAW format by appending the variables as shown in the second image.

Specify Form Variables

Specify in RAW format

If your variable and variable values are valid, you should see a successful response in the response section.

Angela
  • 1,671
  • 3
  • 19
  • 29
6

The shortcut format generally used for basic auth is http://username:password@example.com/path. You will also want to include the accept header in the request.

enter image description here

abraham
  • 46,583
  • 10
  • 100
  • 152
  • Thanks. I got a response that included the following:

    CSRF verification failed. Request aborted.

    How do I get around that one?     – Saqib Ali Dec 15 '13 at 23:22
  • Sounds like you are not hitting an API endpoint but are instead hitting an endpoint ment for JavaScript to hit. – abraham Dec 16 '13 at 06:16
  • This is typically a fine solution - unless your UID or PWD include the ":" or "@" symbols. – Blamkin86 Jan 13 '15 at 16:10
  • You may have to URL encode the username/password if they contain reserved characters. – abraham Jan 13 '15 at 16:21
  • I was trying to use your solution for GET command on HTTPS and it didn't work. e.g https://user:@api.com/v2/shipments It works in curl. what is wrong? there is no password – Dejell May 12 '15 at 10:35
4

in the header section you have to write

Authorization: Basic aG9sY67890vbGNpbQ==

where string after basic is the 64bit encoding value of your username:password. php example of getting the header values is: echo "Authorization: Basic " . base64_encode("myUser:myPassword");

n.b: I assumed your authentication method as basic. which can be different as well.

Muktadir
  • 51
  • 1
  • The question specifically asks about how to do it in the Chrome extension Advanced Rest Client. – Shauna Nov 26 '14 at 18:49
  • Shauna's answer was correct and should be the accepted answer, but this comment from sharif is also useful for those who are curious to know what the Chrome Advanced Rest client has done to encode the user and password for you. Thanks. – Deemoe Dec 16 '14 at 01:12
3

Add authorization header and click pencil button to enter username and passwords

enter image description here

Ahmad Nadeem
  • 2,056
  • 1
  • 18
  • 19
0

The easy way to get over of this authentication issue is by stealing authentication token using Fiddler.

Steps

  1. Fire up fiddler and browser.
  2. Navigate browser to open the web application (web site) and do the required authentication.
  3. Open Fiddler and click on HTTP 200 HTML page request. Capturing cookie value using Fiddler
  4. On the right pane, from request headers, copy cookie header parameter value. enter image description here
  5. Open REST Client and click on "Header form" tab and provide the cookie value from the clip board.

Click on SEND button and it shall fetch results.

Praveen Kumar Thalluri
  • 1,137
  • 10
  • 13
0

With latest ARC for GET request with authentication need to add a raw header named Authorization:authtoken.

Please find the screen shot Get request with authentication and query params

To add Query param click on drop down arrow on left side of URL box.

Sagar Misal
  • 145
  • 1
  • 6