2.1 Login request
As soon as you started BOA, it will present the login screen. Once you entered the username, password and configured your URL, it will send a request to your login endpoint.
Authorization: BOA uses the Basic authorization at login. This means that there will be an authorization header send. In this header the login and password are available in a 64bit encoded string.
Authorization: Basic <credentials>
Where credentials is the base64 encoding of id and password joined by a colon.
Base64encode function not available?
What to do if you don’t have a base64 encode and decode function available in the language you are using?
You can create the string you will receive with an online Basic authorization header generator. The string is always the same. Suppose you have a user with the name ‘abc’ and the password ‘abc001’. With an online basic encoder, you will get this as a string:
So when this user wants to login with BOA, the string YWJjOmFiYzAwMQ== will be send. Once you have this key in your system, you can check on the complete string. If you find the string, you know that it is your user abc who wants to login. This way you don’t need to decode the received string.
When you want to start, you need to respond to the login. See the following topic in the documentation: 2.2 Login response.