After a second thought, you should not need authentication if your script is executed in an authenticated context. User and password from current session will be saved.
If you need to authenticate the AJAX with another user's credentials, you can use Basic Auth with AJAX as explained here: https://zinoui.com/blog/ajax-basic-authentication
That's a good way to "hide" credentials. I guess it's far better than generating a cookie and reusing it as you'll need to pass the credentials to generate a cookie anyway :)
Please note that Basic Auth is reversible and I can't imagine any "truely secure" way of authentication through ajax with no credentials displayed.
Hope this helps!
Badges are a great way to show off community activity, whether you’re a newbie or a Champion.Learn more
Hi Atlassian Community! My name is Shana, and I’m on the Jira Software team. One of the many reasons this Community exists is to connect you to others on similar product journeys or with comparabl...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs