Web Services Authentication
The Transformation Services and Data Upload Service support authentication through HTTP basic access, or in conjunction with the Token Service. The user account that runs a workspace and requests a service must have Run permission on the repository in which the workspace resides, and Access permission to the service.
To authorize access, the web services first attempt the credentials (user name and password) of the user account associated with the request. If this attempt fails, access is attempted through the credentials of the guest user account. If this attempt fails, the web services return a Basic HTTP authentication challenge to the requesting client, such as a web browser.
Note: For more information about the guest user account, see About the Trusted User Account.