10.1.1. Authorization

Sent the following POST request to get authorization cookie.

POST /login

Authorization request to NextGIS Web

Form Parameters:
  • login – Login
  • password – Password
Status Codes:
  • 200 OK – Success authorization

Example request:

POST /login
Host: ngw_url
Accept: */*


If authorization succeeds, NextGIS Web will return HTTP code 200 and Set-Cookie. Requests with this cookie into the header will be considered authorized.

In each request authozised data (HTTP AUTH) may be send.


When the user agent wants to send the server authentication credentials it may use the Authorization header.

The Authorization header is constructed as follows:

  1. Username and password are combined into a string «username:password»
  2. The resulting string is then encoded using the RFC2045-MIME variant of Base64, except not limited to 76 char/line
  3. The authorization method and a space i.e. «Basic » is then put before the encoded string.

For example, if the user agent uses „Aladdin“ as the username and „open sesame“ as the password then the header is formed as follows:

Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==