Authentication
To use the metadata query management API, you need either a system-level or tenant-level user account that’s defined in HCP. If HCP is configured to support Windows Active Directory® (AD), applications can also use an AD user account that HCP recognizes to access HCP through the metadata query API.
HCP also accepts Active Directory (AD) authentication provided through the SPNEGO protocol or through AD authentication header. For more information about SPNEGO, see http://tools.ietf.org/html/rfc4559.
With each metadata query API request, you need to provide your account credentials in the form of a username and password. If you do not provide credentials or provide invalid credentials, HCP responds with a 403 (Forbidden) error message.
To provide credentials in a metadata query API request, you specify an authentication token in an HTTP Authorization
request header.
HCP also accepts credentials provided in an hcp-ns-auth
cookie. However, this method of providing credentials is being deprecated and should not be used in new applications.