Okay. Is there anywhere a tutorial or description?
Another point is that I am developing a plugin for my remote and also want to use the rest API with a token. Is there anywhere a description how to use the token correctly??? @Spaceman_Spiff
I am looking for an example call
I have tested HABapp with the Token and that works too. Changing your password would not break HABapp and you can revoke or replace the Token without affecting the admin account.
Because the token is not used right now… And you don’t need it right now for openhab…My guessing is that the function for using a token is not active or broken?
But @Kai or @mstormi can give a hint
I am successfully using the token with Basic Authentication disabled. Without the Token the API calls do not work. Basic Authentication was added later as an option for systems that do not support the standard API Token.
Don’t ping people, don’t annoy them.
If people want to answer or not they will or not but decision is theirs not yours.
Stating that as a moderator (not just the personal opinion of the person you pinged).
Yes you do, you’re annoying me by pinging me.
It’s not yours but the addressee to tell if he feels annoyed, isn’t it?
So as a moderator may I kindly ask you not to ping people any more. Thank you.
Your authorization header should be like this to use the token:
Authorization: Bearer <token>
(note the Bearer scheme)
Or alternatively you can use it as the username of a Basic authorization scheme with an empty password, example: Authorization: Basic <base64(token + ":")>
(most libraries and tools will help you with this)
Don’t activate Basic Auth in the API Security settings unless you really need to, if you use a token, even as a Basic Auth username, you don’t need this setting enabled.
This is the purpose of the advanced option in API Security settings “Implicit user role for unauthenticated requests” which is enabled by default. Disabling it would require authorization for all non-admin requests including item updates, but it doesn’t work well with UIs including the main UI, so it’s not recommended right now.