Authentication

All API requests must be authenticated using Basic Access Authentication (RFC 2617). Include the Authorization header with every request.

How It Works

Combine the username and password with a colon separator, then Base64-encode the result:

admin:123456 → Base64 → YWRtaW46MTIzNDU2

Include the encoded string in the Authorization header:

POST http://192.168.0.50/GetDeviceInfo HTTP/1.1
Authorization: Basic YWRtaW46MTIzNDU2

Unauthenticated Requests

A request without valid credentials returns:

401 Unauthorized
WWW-Authenticate: Basic realm="XXXXXX"

Python Example

import requests
from requests.auth import HTTPBasicAuth

response = requests.get(
    "http://192.168.0.50/GetDeviceInfo",
    auth=HTTPBasicAuth("admin", "123456")
)
print(response.text)

curl Example

curl -u admin:123456 http://192.168.0.50/GetDeviceInfo

Using the viewtron.py Library

The Python API server handles authentication automatically when receiving webhook events from cameras. For outbound API calls, include Basic Auth with every request as shown above.

Notes

The default username is admin. The default password is set during initial camera setup.
v2.0 devices also support Digest Authentication, but Basic Auth works on all firmware versions.
For production deployments, always change the default password using the ModifyPassword endpoint.
Use HTTPS when available to protect credentials in transit.

How It Works​

Unauthenticated Requests​

Python Example​

curl Example​

Using the viewtron.py Library​

Notes​