Since traditional https://username:password@version_2_api calls (API v1 style) are still possible in API v2, what is the advantage of creating a session_id? In order to create a session id, one must still include their username & password in the API call. This all may be moot since the traffic is encrypted (https). Do session id calls not affect API call limits?
What advantage does using a session_id (which expires) over the traditional credential login (username:password@..)?
Hi ghee22,
As I can see you are still pretty active with the API these days
So basically there is one advantage to use the session based type of authentication with v2.0: it triggers the reprocessing of the data. Basic auth don't do that.
What it means is that when a scan is scheduled and the results are uploaded from the scanner to the platform, we need that a user logs in and unlock the encryption key to process the results in the subscription.
API 2.0 used with session based authentication will do exactly the same as a user opening a UI session.
Yes, thanks Eric!
Hi ghee22,
As I can see you are still pretty active with the API these days
So basically there is one advantage to use the session based type of authentication with v2.0: it triggers the reprocessing of the data. Basic auth don't do that.
What it means is that when a scan is scheduled and the results are uploaded from the scanner to the platform, we need that a user logs in and unlock the encryption key to process the results in the subscription.
API 2.0 used with session based authentication will do exactly the same as a user opening a UI session.