DokuWiki can use all kinds of user storage mechanisms to authenticate users. Please refer to Authentication Plugins for more details.

There are multiple ways how authentication credentials can be passed to the wiki:

Passing the parameters u and p with the username and password respectively will initiate a login with the given credentials. This is what happens when a user logs in via the login form.

Please note that this only works when a auth backend is used that supports password based logins. Eg. with certain configurations of the oAuth plugin this will not work.

A successful login will create login cookie. The boolean r parameter defines the cookie life time: r=0 → session cookie, r=1 → 1 year life time.

User and password can be passed as basic auth header. The passed credentials will be used to initiate a login silently. If it fails, no errors are shown and no login happens.

A successful login will create a login cookie. However since Auth headers are sent on every request by the browser, user will not be able to logout.

Basic Auth may come in handy for API request authentication or a poor-man's SSO implementation.

When a request with a valid cookie is made, the user is logged in as well.

add details on the cookie data

Token Auth is available since Kaos.

Users can create a login token in their profile. This token can be used to authenticate using a Authorization: Bearer token.

A successful login will not create a login cookie. The token has to be sent with every request to stay authenticated.

This mechanism is most useful for Remote API authentication.

Note: in some combinations of webserver and PHP, authorization headers are not passed through to PHP. In develonly the token can alternatively passed as X-DokuWiki-Token header.