REST API Security and Authentication

Blueprint's REST API is served over HTTPS if Blueprint is configured to run with SSL. HTTPS ensures secure communication of API requests and responses.

Blueprint exclusively supports Basic Authentication for the submission of credentials. Thereafter, a proprietary token is used. To obtain a token, you must provide an Authorization header with Basic scheme. Refer to the Quick Start Example for more information.

Token Expiry

You can obtain the token expiry by viewing the header of the Authenticate response. The token expiry is stored in the blueprinttokenexpirydate parameter of the Authenticate response header.

Here is an example of the blueprinttokenexpiry parameter in the Authenticate response header:


'content-length': '238',

'x-xss-protection': '1; mode=block',

'blueprinttokenexpirydate': 'Thu, 28 Nov 2013 17:20:34 GMT',

'x-content-type-options': 'nosniff',

'expires': '-1',

'server': 'Blueprint',

'pragma': 'no-cache',

'cache-control': 'no-cache',

'date': 'Thu, 28 Nov 2013 16:50:34 GMT',

'x-frame-options': 'deny',

'content-type': 'application/json; charset=utf-8',

'authorization': 'BlueprintToken M6Uf+rS0WsqD89d2Rf+nw18...[Truncated]...GtqNUWYFuNC81mF0o='