Talking about authentication, there are two possibile ways to authenticate over Alfresco: with Basic Authentication and using a ticket. The second one should be preferred in many use cases but we are going to introduce both, for a complete description.
Using the Basic Authentication
The first method of authentication over Alfresco is the Basic Authentication using directly the REST call of the service you are going to use. In the image below, we can see this method of authentication using Postman directly on a REST call.
Alfresco 5.2 REST APIs support the Basic Authentication as the simplest technique for enforcing access controls to web resources. In practical cases, especially when a lot of REST calls are done in the same application or page, the number of session opened into Alfresco could be out of control and a "ticket based" approach should be preferred.
Using the Authentication REST APIs to get a ticket
Ticket-based authentication is not new to Alfresco. It's based on a REST call to a specific service, to return a string representing a new session created in the system. The string should be passed to the next REST calls, to reuse the same session and optimise the resources on the server. For further information and details about the user identity, please read here.
In the brand new Alfresco 5.2 REST APIs all the requested services to manage the authentication are available. You can also know more about authentication using the Alfresco API Explorer, directly into your environment. Below an screenshot showing how the Alfresco API Explorer look like about authentication.
Now that we know more about authenticating into Alfresco using the ticket, let's see how to get it using the Alfresco 5.2 REST APIs and Postman.