For DSpace 7 the REST authentication has been rewritten from the ground up. It makes use of Spring Security and JSON Web tokens to support stateless sessions.
To authenticate yourself, you have to send a POST request to the /api/authn/login endpoint with the following parameters:
| parameter | value |
|---|---|
| user | email/id of user |
| password | password of user |
Example call with curl:
curl -v -X POST --data "user=test@dspace.com&password=p4ssword" "http://{spring-rest.url}/api/authn/login"
This call will return a JWT (JSON Web Token) in the response in the Authorization header according to the bearer scheme, this token has to be used in subsequent calls to provide your authentication details.
The authentication status can be checked by sending your received token to the status endpoint in the Authorization header:
curl -v "http://{spring-rest.url}/api/authn/status" -H "Authorization: Bearer eyJhbG...COdbo"