Require authorization for API requests

  • Release version: Australia
  • Updated March 12, 2026
  • 1 minute to read

    • Use the glide.basicauth.required.api property to enhance security for basic authorization for incoming REST requests.

    If glide.basicauth.required.api isn't set to the recommended value of true, then Basic Authentication on API requests are disabled which leads to unauthenticated access to instance data.

    Ensure the property glide.basicauth.required.api exists in the System Properties [sys_properties] table and is set to true.

    Warning:
    This is a safe harbor property, meaning the value can't be altered once it's changed. It is non-revertible.

    More information

    Attribute Description
    Configuration name glide.basicauth.required.api
    Configuration type System Properties (/sys_properties_list.do)
    Data type Boolean
    Recommended value true
    Default value <none>
    Fallback value false
    Category API and web service
    Security risk
    • Severity score: 8.6
    • CVSS rating: High
    • Security risk details: Unauthenticated access to API data, when combined with misconfigured guest user role, poses a significant risk of unauthorized data exposure.
    Functional impact None
    Dependencies and prerequisites None