If a namespace requires authenticated client access, you need to pass a username and password in every HTTP request. If a namespace does not require authenticated client access, you can optionally pass a username and password in an HTTP request or you can omit them to access the namespace anonymously.
![]() |
Note: If the namespace you are trying to access is configured to support Active Directory (AD) single sign-on, anonymous access requests to that namespace or objects in that namespace will fail. |
To access the namespace as an authenticated user, you need a user account that’s defined in HCP. If HCP is configured to support Active Directory® (AD), applications can also use an AD user account that HCP recognizes to access a namespace through the HTTP protocol.
HCP also accepts AD authentication provided through the SPNEGO protocol or through the AD authentication header. For more information about SPNEGO, see http://tools.ietf.org/html/rfc4559. For more information about AD authentication headers, see Active Directory authorization header
If you specify a username in an HTTP request, that username must identify a user account that has the permissions needed to perform the requested operation. For more information about permissions, see Permissions.
Regardless of whether the namespace requires client authentication, if you provide credentials in an HTTP request, they must be valid. If you provide invalid credentials, HCP responds with an HTTP 403 (Forbidden) error code.
To provide credentials in an HTTP request, you specify an authentication token in an HTTP Authorization request header.
HCP also accepts credentials provided in an hcp-ns-auth cookie. However, this method of providing credentials is being deprecated and should not be used in new applications. If you use both an Authorization header and an hcp-ns-auth cookie, HCP uses the header for authentication and ignores the cookie.
© 2015, 2020 Hitachi Vantara LLC. All rights reserved.