Authentication of requests
As is the case with most APIs, Chef API is authenticated before the request is processed, and the result is transmitted back to the client. The authorization of the request is done by the Chef server. A few HTTP headers are signed by the private key on the client machine, and the Chef server verifies the signature by using the public key. Only once the request has been authorized, can processing take place.
Generally, when using utilities such as Knife and so on, we don't have to be really concerned about handling authorization, as this is something that is automatically taken care of by the tool. However, when using libraries such as cURL or any arbitrary Ruby code, it is necessary to include a full authentication header ...
Get Mastering Chef now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.