Private Widgets

You might find it useful to have widgets that are not publicly accessible. Widget Construction Set supports private widgets via HTTP Basic Authentication.

Private widgets should be hosted to return an HTTP 401 unless a valid auth header is provided. A valid auth header is one with the key Authorization and the value of Basic d293OnN1Y2hfaGFja2VyIQ== where d293OnN1Y2hfaGFja2VyIQ== is equal to the Base64 encoded value of username:password. For more info on HTTP Basic Authentication, check out this MDN document.