PATs vs Basic Authentication

Good Afternoon friends.
Please i would like to inquire about PATs vs Basic Authentication on the DHIS2 server.
which is a better approach and why. especially considering resource utilization.

we have a system that currently connects to dhis2 API and it uses the basic authentication currently. we have been experiencing some several downtime even though this might be as a result of traffic. we are considering switching to PATs. would that help significantly?

Thank you in anticipation.

The advantage of PATs over Basic Authentication is the security of the access. Basic Authentication sends the credentials as clear text. I am not sure that has impact on performance.

1 Like

@Barnabas_Akumba is correct that one of the major advantages of PATs over basic authentication is security - you are able to restrict the permissions of a particular PAT to prevent abuse, and a leaked PAT can be revoked.

@netroms can comment on the performance differences between these two methods. I believe basic authentication will create a new session for each request which can be quite expensive, so I believe you should see an improvement when switching to PATs for high-volume requests

1 Like