As an API Consumer, I want to use my kerberos token to authenticate my API requests
Acceptance Criteria
- Check if the authentication header is set in the request (
Authorization: Negotiate ...
) - If the header is not present the api should return a 401 error informing that the auth header is missing
- Should return authentication errors as early as possible
- Update the openapi spec if possible (probably as a "apiToken" type of auth)
- Use the header value which is an auth token to connect to the ldap server and handle operations
- Unit tests
Definition of Done
Authenticated API requests and ldap operations working.