Proxy Authentication in API Using Headers
How to authenticate Geonode proxy API requests using headers.
API authentication is essential for secure access to Geonode’s proxy services.
This guide explains how to authenticate API requests using Basic authentication with the Authorization header.
Step 1: Get your user credentials
Before setting up authentication, you need your user credentials.
- Follow this guide: How to access your Geonode API credentials
Step 2: Using Base64 Encoding for Credentials
Authentication requires encoding your credentials (username and password) in Base64 format.
- Credentials
  - Username: geonode_user
  - Password: securepassword123
- Combine Credentials: username:password, i.e. geonode_user:securepassword123
- Base64 Credentials: Encode username:password in Base64. When encoded, this will look like:
  Z2Vvbm9kZV91c2VyOnNlY3VyZXBhc3N3b3JkMTIz
Note: You don’t need to manually encode your credentials. Geonode’s API documentation provides tools to automatically generate this Base64-encoded string.
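This process converts your plain-text credentials into an encoded string that is sent in API requests. Base64 is an encoding, not encryption: anyone who obtains the string can decode it back to the username and password, so it is only protected in transit when the request is made over HTTPS.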
Step 3: Adding the Authorization Header
Once you have the Base64-encoded string, include it in your API requests using the Authorization header.
- Authorization Header Format:
Authorization: Basic <Base64-encoded-credentials>
- Example:
Authorization: Basic Z2Vvbm9kZV91c2VyOnNlY3VyZXBhc3N3b3JkMTIz
Example
- Go to the API documentation for the specific endpoint you want to use (e.g., Available Geo-locations).
- Enter your username and password in the provided fields.
- The system will automatically generate the correct Authorization header with the Base64-encoded string.
- Copy the generated code token
Best Practices for Secure Authentication
- Generate the Token Once: Generate your authorization token once and reuse it.
- Store Securely: Save the token in an environment file (.env) for better security.
- Avoid Hardcoding: Never hardcode tokens directly into your codebase.
- Use HTTPS: Always make API calls over HTTPS to protect sensitive information.
- Rotate Credentials Regularly: Update your credentials periodically to enhance security. Keep in mind, updating credentials means updating the token. You will need to generate a new token whenever new credentials are created.
Troubleshooting Tips
- Ensure that your Authorization header is formatted correctly and includes a properly Base64-encoded username and password. Also, verify that your credentials are correct.
- Ensure that you are encoding username:password exactly as specified, without any extra spaces or characters.
- Make sure you are using HTTPS in your API requests. If you are behind a corporate firewall, check if SSL interception is interfering.
- Use a tool like Postman or cURL to send test requests and verify if authentication is working.
- Immediately change your password, regenerate your API credentials, and update your token in your code.
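The following Python helper is an added example, not code from Geonode's documentation. It builds the header from Steps 2 and 3 out of environment variables, refuses non-HTTPS URLs, and checks an existing header for the formatting mistakes listed under Troubleshooting Tips without ever printing the password. The variable names GEONODE_USERNAME and GEONODE_PASSWORD and all function names are assumptions chosen for illustration.

```python
import base64
import binascii
import os
from urllib.parse import urlsplit


def build_basic_header(username, password):
    """Return the Authorization header value for username:password."""
    if ":" in username:
        raise ValueError("username must not contain ':' (RFC 7617)")
    if username != username.strip() or password != password.strip():
        raise ValueError("credentials have leading or trailing whitespace")
    token = base64.b64encode(f"{username}:{password}".encode("utf-8"))
    return "Basic " + token.decode("ascii")


def header_from_env(env=os.environ):
    """Build the header from the environment instead of hardcoding it."""
    # Hypothetical variable names; load them from your .env file or shell.
    return build_basic_header(env["GEONODE_USERNAME"], env["GEONODE_PASSWORD"])


def require_https(url):
    """Return url unchanged, or raise if credentials would go out in clear."""
    scheme = urlsplit(url).scheme.lower()
    if scheme != "https":
        raise ValueError(f"refusing to send credentials over {scheme or 'no'} scheme")
    return url


def diagnose_header(value):
    """List formatting problems in an Authorization header value."""
    scheme, _, token = value.partition(" ")
    if scheme.lower() != "basic" or not token:
        return ["expected 'Basic <token>'"]
    try:
        decoded = base64.b64decode(token, validate=True).decode("utf-8")
    except (binascii.Error, UnicodeDecodeError):
        return ["token is not valid Base64-encoded UTF-8"]
    problems = []
    user, sep, password = decoded.partition(":")
    if not sep:
        problems.append("decoded token has no ':' separator")
    if user != user.strip() or password != password.strip():
        problems.append("extra whitespace around username or password")
    if not user or (sep and not password):
        problems.append("empty username or password")
    return problems
```

A frequent cause of the whitespace finding is encoding the credentials with a trailing newline, for example when the string is piped through a shell command that appends one.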