BlueCat Gateway handles authentication via the BAM REST API (described in Installing and upgrading Gateway). Authentication is slightly different between UI pages and REST API calls:
- Gateway UI - authentication is enforced with browser cookies and a login screen.
- REST API - Basic authentication is based on a token that the user must pass with each call. If supported, the token is also stored in a cookie.