A cryptographic nonce (number used once) key is a server-specified data string that is generated each time a 401 response is made. The server returns the data string to the client, and the client then passes that string unchanged back to the server with its subsequent request. Cryptographic keys prevent unauthorized access to data and protect against replay attacks. See RFC 2617 for more information about these keys.
About this task
To get a cryptographic key, complete the following steps:
- Request a key from the Files server using the following URI:
This creates an HTTP request that looks like this:
GET /files/basic/api/nonce HTTP/1.1
Authorization: Basic xxx
- From the HTTP response, find the key value, which is a data string that looks like this:
- Pass that data string back to the server with your subsequent request as the value of the X-Update-Nonce parameter.