Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Users authenticate through the ActiveSync protocol​ by using HTTP basic authentication, OAuth or a client certificate. Credentials are passed in different formats depending upon the form of authentication.
For HTTP basic authentication, credentials are encoded with base64 encoding. For user fakename and password x$pIAK9@p9!, the following is the authorization header:
-
Authorization: Basic ZmFrZXVzZXI6eCRwSUFLOUBwOSE=
For details about HTTP basic authentication, see [RFC1945] section 11.1.
For OAuth, an access token is obtained from the authorization server in response to an authorization grant. The access token is then used to obtain a protected resource from the resource server. The following is an example of an authorization header:
-
Authorization: Bearer <<token>>
For details about the OAuth 2.0 framework, see [RFC6749].
For authentication using a client certificate, the client MUST NOT send an authorization header. The server prompts the client for a certificate as part of the initial SSL/TLS handshake or as part of a TLS renegotiation.
If no client certificate exists, the client MUST complete the SSL/TLS handshake.
For details about providing a client certificate during a SSL/TLS handshake, see [RFC5246] section 7.4.6.