summaryrefslogtreecommitdiff
path: root/libeufin/concepts.rst
diff options
context:
space:
mode:
Diffstat (limited to 'libeufin/concepts.rst')
-rw-r--r--libeufin/concepts.rst17
1 files changed, 11 insertions, 6 deletions
diff --git a/libeufin/concepts.rst b/libeufin/concepts.rst
index 9cfc13e4..a0f2bb7b 100644
--- a/libeufin/concepts.rst
+++ b/libeufin/concepts.rst
@@ -38,8 +38,9 @@ Nexus Users
The concept of a *nexus user* is used to implement access control to the
operations that the nexus provides.
-A user has a login name and a (salted, hashed) password. (Other authentication
-methods could be added in the future.)
+A user has a login name and a (salted, hashed) password.
+This is the `HTTP basic auth <https://tools.ietf.org/html/rfc7617>`_ method.
+(Other authentication methods could be added in the future.)
A nexus user can be marked as *superuser*. All permission checks are skipped
for superusers. Only superusers are allowed to create/modify other users.
@@ -66,7 +67,8 @@ Examples:
.. code-block:: console
# Download latest transactions via the default bank connection and store them locally
- $ curl -XPOST $AUTHEADER https://example1.libeufin.tech/bank-accounts/my-acct/fetch-transactions
+ $ http -a $USER:$PASSWORD POST \
+ https://example1.libeufin.tech/bank-accounts/my-acct/fetch-transactions
Bank Connections
----------------
@@ -100,12 +102,14 @@ Examples:
.. code-block:: console
# Manually request the inter-day account report via the EBICS C52 order
- $ curl -XPOST $AUTHEADER https://example1.libeufin.tech/bank-connections/my-ebics-testacct/ebics/download/C52
+ $ http -a $USER:$PASSWORD POST \
+ https://example1.libeufin.tech/bank-connections/my-ebics-testacct/ebics/download/C52
# Download available bank accounts that can be accessed through this connection,
# according to the bank server (with EBICS, does a HTD request).
# For each of them, create a bank account resource in LibEuFin.
- $ curl -XPOST $AUTHEADER https://example1.libeufin.tech/bank-connection/my-ebics-testacct/fetch-accounts
+ $ http -a $USER:$PASSWORD POST \
+ https://example1.libeufin.tech/bank-connection/my-ebics-testacct/fetch-accounts
Facades
-------
@@ -128,7 +132,8 @@ Examples:
.. code-block:: console
# Request the Taler-specific history through the facade
- $ curl $AUTHEADER https://example1.libeufin.tech/facades/my-taler-wire-gw/taler/history/incoming
+ $ http -a $USER:$PASSWORD \
+ https://example1.libeufin.tech/facades/my-taler-wire-gw/taler/history/incoming
Access Control
==============