Authenticating web requests
In this chapter, we will learn how APIs handle authentication when they're queried. While there are some APIs out there that do not require any sort of authentication, most APIs will require some sort of user-provided authentication in order to associate a request with a user and verify that that user is actually who they claim to be. This also helps ensure they have the right set of permissions to access the resource that is being requested.
The most common way to carry out this authentication is by using an Authorization
header. You may want to refer to Chapter 8, Configuring Devices Using RESTCONF and requests, the Revisiting the HTTPS request-response module recipe, for a more detailed recap of how HTTP requests work, but in summary, headers are additional meta information that can be sent by a client to the server. The header is a key-value pair, where in our example the key is Authorization and the value is the secret that authenticates us...