Passing hashed password to action-login

jasonpe · ‎Jan 08, 2015

Hi,

We currently POST data to the url "Thingworx/action-login" and provide the following headers in order to log a user into our thingworx server from and external html page. I was wondering if it is possible to pass a hashed password using this method instead of the plain text password?

<span class="Apple-tab-span" style="white-space:pre"> </span>"thingworx-form-userid":user,

<span class="Apple-tab-span" style="white-space:pre"> </span>"thingworx-form-password":pass,

<span class="Apple-tab-span" style="white-space:pre"> </span>"x-thingworx-session":"true",

<span class="Apple-tab-span" style="white-space:pre"> </span>"redirectUri":start_mashup</div></div></p>

jasonpe · ‎Jan 14, 2015

Anybody know the answer to this?

aamit · ‎Jan 15, 2015

Jason,

An alternative solution would be to implement an Authenticator. It's an extension that can authenticate users.
See details in the wiki at 06.09.

It's more work, but might give you more control & security eventually.

Thanks,
Asaf.