How to authenticate rest API using username and password?

How to generate basic auth token from username and password?

So I'm working on a web app, when users login with username and password they get authenticated in my backend (I use flask) but now I need to generate basic auth tokens for my clients to keep them safe and logged in. How should I do it? EDIT: Also if someone could explain the best way to secure user's passwords when using passwords instead of tokens that would be great. I don't want to store any salt in the database since the users have no idea what the passwords are.

After many trial and errors I managed to implement the solution myself. I used this stackoverflow answer. Also this article helped me a lot. The only missing part was generating a new secret key in my session object (sessionclass=default) and using that to encrypt passwords before they're stored in the database.

How do I authenticate Jira using REST API?

The JIRA REST API does not support authentication of users.

For that you need to use the REST API with the oauth2-plugin-for-jira, which you can find on Github or here on npm.

You can use the oauth2-plugin-for-jira to create an access token for a user, which you then can use in any subsequent requests to the REST API. The plugin creates a header called X-Atlassian-JiraToken on each request with the access token that it just created for you. You can use that header to authenticate your requests.

The plugin also has a configuration file that is used by the plugin to create and authenticate the tokens. You can find that config file here.

Is Jira API basic authentication with passwords deprecated?

I need to set the project level security on my project.

I was using Basic Authentication. ? If so, Is there any way of authentication other than Basic. I tried setting the Authorization header but its not working.
headers =. Also i'm not sure whether the username and password i'm setting as Basic is correct or not. When I make a request to a web based tool it sets it to Basic automatically but in my case its not working. The solution to this is JWT token which is a standard based on JSON Web Tokens (JWT) where you are given a set of data as a base64 encoded JWT signed with a secret that is called a certificate. With the help of the cert the data can be verified. If you want to set it in your settings. The default is 1 year
Issuer - This specifies the JWKS key issuer which should match the issuer specified in your JWKS. Iat - This will be your issue date. Accesstoken - This will be the actual token for authentication purposes. Aud - This represents the audience of the token. This audience is determined by the audience of the JWKS that is used to generate the token.

Sub - The sub is a secondary audience for the jwt.