lc(.25rem - 1px);border-bottom-left-radius:calc(.25rem - 1px)}.card>.card-header+.list-group,.card>.list-group+.card-footer{border-top:0}.card-body{-ms-flex:1 1 auto;flex:1 1 auto;min-height:1px;padding:1.25rem}.card-title{margin-bottom:.75rem}.card-subtitle{margin-top:-.375rem;margin-bottom:0}.card-text:last-child{margin-bottom:0}.card-link:hover{text-decoration:none}.card-link+.card-link{margin-left:1.25rem}.card-header{padding:.75rem 1.25rem;margin-bottom:0;background-color:rgba(0,0,0,.03);border-bottom:1px...

        @SuppressWarnings("resource")
        final CsvReader csvReader = new CsvReader(reader, cfg);
        try {
            List<String> list;
            csvReader.readValues(); // ignore header
            while ((list = csvReader.readValues()) != null) {
                final String suggestWord = getValue(list, 0);
                if (StringUtil.isBlank(suggestWord)) {
                    // skip

* HTTP Basic Authentifizierung.
* **OAuth2** (auch mit **JWT Tokens**). Siehe dazu das Tutorial zu [OAuth2 mit JWT](tutorial/security/oauth2-jwt.md){.internal-link target=_blank}.
* API Schlüssel in:
    * Header-Feldern.
    * Anfrageparametern.
    * Cookies, usw.

Zusätzlich alle Sicherheitsfunktionen von Starlette (inklusive **Session Cookies**).

		return
	}

	if _, _, err := globalBucketMetadataSys.GetReplicationConfig(ctx, bucket); err != nil {
		writeErrorResponse(ctx, w, toAPIError(ctx, err), r.URL)
		return
	}

	w.Header().Set(xhttp.ContentType, string(mimeJSON))

	enc := json.NewEncoder(w)
	stats := globalReplicationStats.Load().getLatestReplicationStats(bucket)
	bwRpt := globalNotificationSys.GetBandwidthReports(ctx, bucket)

        final String contentType = request.getHeader("Content-Type");
        if (StringUtil.isNotEmpty(contentType)) {
            curlRequest.header("Content-Type", contentType);
        }

        request.getParameterMap().entrySet().stream().forEach(entry -> {
            if (entry.getValue().length > 1) {

        logger.info("itemList: {}", itemList);
        return itemList;
    }

    protected static Response deleteMethod(final String path) {
        return given().contentType("application/json").header("Authorization", getTestToken()).delete(path);
    }

    protected static void deleteDocuments(final String queryString) {
        List<String> docIds = new ArrayList<>();

		}
		return err
	}
	if len(data) == 0 {
		// Seems to be empty create a new poolMeta object.
		return nil
	}
	if len(data) <= 4 {
		return fmt.Errorf("poolMeta: no data")
	}
	// Read header
	switch binary.LittleEndian.Uint16(data[0:2]) {
	case poolMetaFormat:
	default:
		return fmt.Errorf("poolMeta: unknown format: %d", binary.LittleEndian.Uint16(data[0:2]))
	}

	}
}

func testValidHeader(h *FileHeader, t *testing.T) {
	var buf bytes.Buffer
	z := NewWriter(&buf)

	f, err := z.CreateHeader(h)
	if err != nil {
		t.Fatalf("error creating header: %v", err)
	}
	if _, err := f.Write([]byte("hi")); err != nil {
		t.Fatalf("error writing content: %v", err)
	}
	if err := z.Close(); err != nil {
		t.Fatalf("error closing zip writer: %v", err)
	}

<img src="/img/tutorial/security/image10.png">

/// note | "Hinweis"

Beachten Sie den Header `Authorization` mit einem Wert, der mit `Bearer` beginnt.

///

## Fortgeschrittene Verwendung mit `scopes`

OAuth2 hat ein Konzept von <abbr title="Geltungsbereiche">„Scopes“</abbr>.

      "links": [],
      "options": {
        "code": {
          "language": "plaintext",
          "showLineNumbers": false,
          "showMiniMap": false
        },
        "content": "<div class=\"dashboard-header text-center\">\n<span>SERVICE: $service</span>\n</div>",
        "mode": "html"
      },
      "pluginVersion": "10.1.5",
      "transparent": true,
      "type": "text"
    },
    {
      "datasource": {