Basic authentication
Within the context of Cloud API authentication, an internal user is a person who is listed as a user in the ClaimCenter database. For example, Andy Applegate, a ClaimCenter adjuster, is an internal user. Internal users can use caller applications and trigger Cloud API calls from that application. For example, suppose there is a loss documentation portal that contains pictures of a damaged auto taken by a third-party field agent. An adjuster reviews and selects pictures to be saved to ClaimCenter. This action triggers a Cloud API call by an internal user from a caller application.
Internal users can be authenticated using either basic authentication or bearer token authentication. Basic authentication is an authentication method in which only the user's user name and password are provided, and they are provided in the request header.
- Internal users (and only internal users) can use basic authentication.
- With basic authentication, the authentication information is retrieved from the operational database using information in the request header
Basic authentication is not supported in production environments.
Basic authentication can be useful in development when you want to test aspects of endpoint behavior that are not related to authentication. Basic authentication does not require any interaction with Guidewire Hub to generate JWTs. You can authenticate a Cloud API call using only the caller application and ClaimCenter.
This topic describes how to implement basic authentication for internal users. (For information on how to implement bearer token authentication for internal users, see OAuth2 authorization code flow: Internal users.)