Automation calls done by the client need to use the token based authentication (see
NXP-10268) instead of the basic authentication.
- Refactoring the bind-server command to get a generated token from the server given the user's credentials (username, password) and device information, and store it in the local db instead of storing the user's credentials.
- Adding this token in a request header when doing any automation call.
To get the token in the first place, an HTTP GET request must be sent to a Servlet defined by
NXP-10268, bound to basic authentication, that returns the unique token as plain text in the response body.
This stays statetless, we will have to decide if we want a stateful mode, and in which case how to implement it.