I am developing my first RESTful API for a project.
I understand and have gotten the basic authentication to work properly, using the format Basic username:password
where username:password is Base64 encoded.
Currently, we pass a user's email address in the 'username' field and their password in the 'password' field.
The problem is that the email address is not unique in the application. It is unique per Organisation within the application.
So in order to log the user in successfully, we need to pass another value to the API which indicates what the organisation is (the idea would be to pass along a key that would be used to look up the organisation).
My issue is that the basic authentication process only allows you to pass two values (username, password), whereas I need to pass three. Is there a way to pass more data to the basic authentication process? Or do I have to use some other type of authentication to achieve this?
My idea was to modify the basic authentication so that it takes three values, for example: username:password:orgkey. I don't know if that is allowed or goes against the protocol for basic authentication, though.
Although this question really is language independent, for the record I am using ColdFusion and the Taffy plugin.
Any guidance would be appreciated.
Thanks
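
An added example, not part of the original post and not Taffy or ColdFusion code: it shows how a standard Basic parser (RFC 7617, which splits the decoded credentials at the first colon) treats the proposed `username:password:orgkey` value, and one server-side convention for recovering the org key. The function names, the sample credentials, and the assumption that org keys never contain a colon are all hypothetical.

```python
import base64


def parse_basic(header):
    """Return (user_id, password) from an Authorization header value, or None.

    RFC 7617: the decoded credentials are split at the FIRST colon, so the
    user-id cannot contain ':' while the password can.
    """
    scheme, _, token = header.partition(" ")
    if scheme.lower() != "basic" or not token:
        return None
    try:
        decoded = base64.b64decode(token.strip(), validate=True).decode("utf-8")
    except ValueError:  # covers bad Base64 and invalid UTF-8
        return None
    user_id, sep, password = decoded.partition(":")
    if not sep:
        return None
    return user_id, password


def split_org(password_field):
    """Hypothetical server convention: the org key is the text after the LAST colon.

    Assumes org keys never contain ':' (passwords may). Returns
    (password, org_key), or None when no org key is present.
    """
    password, sep, org_key = password_field.rpartition(":")
    if not sep or not org_key:
        return None
    return password, org_key


def make_header(email, password, org_key):
    # Client side of the same convention, used only for the demonstration.
    raw = f"{email}:{password}:{org_key}".encode("utf-8")
    return "Basic " + base64.b64encode(raw).decode("ascii")


if __name__ == "__main__":
    # Constructed sample credentials; the password deliberately contains ':'.
    hdr = make_header("alice@example.com", "s3cr:et", "org-42")
    user, pw_field = parse_basic(hdr)
    print(user, pw_field)        # a generic parser sees the org key as part of the password
    print(split_org(pw_field))   # the application-level split recovers both values
```

A client that omits the org key while its password contains a colon would be misread by `split_org`, so the convention has to be mandatory for every client of the API.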