Re: has anyone scripted doing updates to the CII site?


David A. Wheeler
 

On Aug 12, 2020, at 5:43 PM, HANSEN, TONY L <tony@att.com> wrote:
David, here are some questions not answered by that page:
* Does the REST API support basic authentication (over TLS)? Or some other HTTPS authentication method?
It uses TLS to authenticate the best practices server, as well as provide
confidentiality & integrity between client & server.
Login session management uses an HTTP cookie, not basic authentication.

A quick summary is “do what a human user would do”. You use a POST
to log in (with username & password), and get a cookie that represents your session.
That cookie can then be used (for a period of time) by sending it as part of
future requests, and grants you whatever your account is authorized to do.

* When using the PATCH verb, what is the JSON input expected to look like?
PATCH /projects/:id(.:format) projects#update
This is actually implemented by the underlying Rails framework. I’ll have to search,
but I believe there’s lots of sites that go into this.

— David A. Wheeler

Join CII-badges@lists.coreinfrastructure.org to automatically receive all group messages.