{"id":4951,"date":"2018-04-04T04:58:33","date_gmt":"2018-04-04T11:58:33","guid":{"rendered":"https:\/\/www.couchbase.com\/blog\/?p=4951"},"modified":"2023-07-11T21:13:18","modified_gmt":"2023-07-12T04:13:18","slug":"x-509-certificate-based-authentication","status":"publish","type":"post","link":"https:\/\/www.couchbase.com\/blog\/x-509-certificate-based-authentication\/","title":{"rendered":"Authentication With X.509 Certificates"},"content":{"rendered":"

Data security is an important aspect of every modern data platform. With micro-service based architectures becoming more of a common pattern across every high-scale app, existing password based authentication mechanisms for user authentication is hard to manage at scale, let alone the fact that passwords are hard to remember or could be cracked. As a remedy, Couchbase Server 5.0 introduced X.509 certificate authentication.<\/span><\/p>\n

Couchbase Server 5.5<\/a> adds\u00a0<\/span>further enhancements<\/span><\/a>\u00a0to support all services and interfaces including N1QL, Indexing, XDCR, Search, and even the Couchbase Web UI and REST endpoints.<\/span><\/p>\n

What is certificate based authentication?<\/span><\/h3>\n

In a nutshell, \u201cauthentication\u201d is the process of verifying that a user is who they say they are. \u00a0In the world of technology this can be achieved in a variety of ways. Certificate based authentication allows users to securely access a server by exchanging a digital certificate instead of a username and password. <\/span>This means the client is not sending a username or password to the server which helps in <\/span>preventing phishing, keystroke logging and man-in-the-middle (MITM) attacks among other common problems with password-based authentication.<\/span><\/p>\n

\"\"<\/p>\n

Client-server TLS handshake illustrating mutual authentication<\/span><\/p>\n

Certificate based authentication is built by leveraging the X.509 public key infrastructure (PKI) standard. Certificate authentication offers stronger security by mutually authenticating both the client, using a trusted party (the Certificate Authority (CA)) and the server during the TLS handshake. Because the certificate is signed, it is only possible to connect to the real server, and centrally manage the certificates using the CA for rotation or revocation. <\/span><\/p>\n

Identifying the user within a certificate<\/span><\/h3>\n

If you\u2019re wondering how x509 certificate authentication works, it has to have multiple fields such as expiry date, CN name, san name, etc. Depending on your organisation and policies, different fields will be used to encode the user name\/id. \u00a0For example:<\/span><\/p>\n

Certificate:\r\n    Data:\r\n        Version: 3 (0x2)\r\n        Serial Number: 2 (0x2)\r\n        Signature Algorithm: sha1WithRSAEncryption\r\n        Issuer: O=www.freelan.org, OU=freelan\r\n        Validity\r\n            Not Before: Apr 27 10:54:40 2012 GMT\r\n            Not After : Apr 25 10:54:40 2022 GMT\r\n        Subject: OU=freelan, CN=couchbase-bob\/emailAddress=bob@freelan.org\r\n        Subject Public Key Info:\r\n            Public Key Algorithm: rsaEncryption\r\n                Public-Key: (4096 bit)\r\n                Modulus:\r\n                \u2026\r\n                \u2026<\/pre>\n
To identify the user, Couchbase is configured to parse one or more fields and extract the user. This is done by using a path, prefix, and delimiter. The <\/span>path<\/b> describes where in the certificate to get the user name from, the <\/span>prefix<\/b> strips off the beginning of the username and the delimiter terminates the username. \u00a0In the above example, to extract a user called \u201c<\/span>bob<\/b>\u201d you would use:<\/span><\/p>\n
\"path\": \"subject.CN\"\r\n\"prefix\": \"couchbase-\"\r\n\"delimiter\": \"\/\"<\/pre>\n
There is a maximum limit of 10 path expressions in Couchbase, with no two expressions having the same path and prefix fields, and it is mandatory to specify all the fields in the expression. Couchbase tries each path expression on the certificate one-by-one in the order specified, and it uses the first one that can successfully extract a non-empty username string. If all the path expressions cannot extract the user string, efforts to authenticate with X.509 certificates will fail too.<\/span><\/p>\n
Configuring Couchbase Server<\/span><\/h3>\n
In Couchb<\/span>ase Server 5.5, certificate based authentication is disabled by default, relying instead on local user\/pass or LDAP\/PAM based authentication methods.<\/p>\n
When \u201cRequire Client Certificate\u201d is set to \u201cEnable\u201d, Couchbase Server will accept the certificate supplied and try to authenticate based it. If that fails, Couchbase Server will fall back to user\/pass or LDAP\/PAM based authentication methods. <\/span><\/p>\n
When \u201cReq<\/span>uire Client Certificate\u201d is set to \u201cMandatory\u201d, an X.509 certificate must be provided or else authentication will fail.<\/p>\n
\"\"<\/p>\n
These settings can also be supplied via the CLI or REST API.<\/span><\/p>\n
Authorizing the user<\/span><\/h3>\n
Once a user has \u201cauthenticated\u201d (they are who they say they are), they still need to be \u201cauthorized\u201d which is the process of determining what they are allowed to do.<\/span><\/p>\n
In Couchbase Server this is done by <\/span>assigning one or more roles to each user<\/span><\/a>.<\/span><\/p>\n
Configuring clients for certificate based authentication<\/span><\/h3>\n
The X.509 certificate based authentication feature is supported by all SDK clients. However, only the very latest versions support it, so check the release notes for your SDK versions<\/span><\/i>.<\/span><\/i><\/p>\n
X.509 is the official standard for public key certificates and SSL\/TLS relies on this standard. In your client, you must use a valid x.509 certificate that is generated and signed by the same root certificate authority (CA) as the server.<\/span><\/p>\n
Most common web browsers have been supporting client-authentication since the early TLS days. You can configure the client certificate in your browser certificate store and should be good to go!<\/span><\/p>\n
All Couchbase tools such as couchbase-cli, and the N1QL shell are also being updated to support X.509 authentication.<\/span><\/p>\n
Conclusion<\/b><\/h3>\n
Even though it is a bit of work to get this type of authentication setup, it is very secure and simpler to manage at scale. \u00a0Please <\/span>download Couchbase Server 5.5<\/span><\/a>\u00a0to give it a try. \u00a0We look forward to your feedback!<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"
Data security is an important aspect of every modern data platform. With micro-service based architectures becoming more of a common pattern across every high-scale app, existing password based authentication mechanisms for user authentication is hard to manage at scale, let […]<\/p>\n","protected":false},"author":24,"featured_media":13873,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"footnotes":""},"categories":[1816,1813],"tags":[2258,2182],"ppma_author":[8969],"class_list":["post-4951","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-couchbase-server","category-security","tag-5-5","tag-devbuild"],"acf":[],"yoast_head":"\nHow x509 Client Certificate Authentication Works | Couchbase<\/title>\n<meta name=\"description\" content=\"What is certificate-based authentication? It is built by leveraging the X.509 public key infrastructure (PKI) standard to secure authentication at scale.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.couchbase.com\/blog\/x-509-certificate-based-authentication\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Authentication With X.509 Certificates\" \/>\n<meta property=\"og:description\" content=\"What is certificate-based authentication? It is built by leveraging the X.509 public key infrastructure (PKI) standard to secure authentication at scale.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.couchbase.com\/blog\/x-509-certificate-based-authentication\/\" \/>\n<meta property=\"og:site_name\" content=\"The Couchbase Blog\" \/>\n<meta property=\"article:published_time\" content=\"2018-04-04T11:58:33+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-07-12T04:13:18+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.couchbase.com\/blog\/wp-content\/uploads\/2018\/04\/Screen-Shot-2018-04-04-at-12.51.05.png\" \/>\n<meta name=\"author\" content=\"Perry Krug\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Perry Krug\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.couchbase.com\/blog\/x-509-certificate-based-authentication\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.couchbase.com\/blog\/x-509-certificate-based-authentication\/\"},\"author\":{\"name\":\"Perry Krug\",\"@id\":\"https:\/\/www.couchbase.com\/blog\/#\/schema\/person\/d75b855801e89467ae2cfe0caef39a15\"},\"headline\":\"Authentication With X.509 Certificates\",\"datePublished\":\"2018-04-04T11:58:33+00:00\",\"dateModified\":\"2023-07-12T04:13:18+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.couchbase.com\/blog\/x-509-certificate-based-authentication\/\"},\"wordCount\":759,\"commentCount\":2,\"publisher\":{\"@id\":\"https:\/\/www.couchbase.com\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.couchbase.com\/blog\/x-509-certificate-based-authentication\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.couchbase.com\/blog\/wp-content\/uploads\/sites\/1\/2022\/11\/couchbase-nosql-dbaas.png\",\"keywords\":[\"5.5\",\"devbuild\"],\"articleSection\":[\"Couchbase Server\",\"Security\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.couchbase.com\/blog\/x-509-certificate-based-authentication\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.couchbase.com\/blog\/x-509-certificate-based-authentication\/\",\"url\":\"https:\/\/www.couchbase.com\/blog\/x-509-certificate-based-authentication\/\",\"name\":\"How x509 Client Certificate Authentication Works | Couchbase\",\"isPartOf\":{\"@id\":\"https:\/\/www.couchbase.com\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.couchbase.com\/blog\/x-509-certificate-based-authentication\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.couchbase.com\/blog\/x-509-certificate-based-authentication\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.couchbase.com\/blog\/wp-content\/uploads\/sites\/1\/2022\/11\/couchbase-nosql-dbaas.png\",\"datePublished\":\"2018-04-04T11:58:33+00:00\",\"dateModified\":\"2023-07-12T04:13:18+00:00\",\"description\":\"What is certificate-based authentication? It is built by leveraging the X.509 public key infrastructure (PKI) standard to secure authentication at scale.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.couchbase.com\/blog\/x-509-certificate-based-authentication\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.couchbase.com\/blog\/x-509-certificate-based-authentication\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.couchbase.com\/blog\/x-509-certificate-based-authentication\/#primaryimage\",\"url\":\"https:\/\/www.couchbase.com\/blog\/wp-content\/uploads\/sites\/1\/2022\/11\/couchbase-nosql-dbaas.png\",\"contentUrl\":\"https:\/\/www.couchbase.com\/blog\/wp-content\/uploads\/sites\/1\/2022\/11\/couchbase-nosql-dbaas.png\",\"width\":1800,\"height\":630},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.couchbase.com\/blog\/x-509-certificate-based-authentication\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.couchbase.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Authentication With X.509 Certificates\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.couchbase.com\/blog\/#website\",\"url\":\"https:\/\/www.couchbase.com\/blog\/\",\"name\":\"The Couchbase Blog\",\"description\":\"Couchbase, the NoSQL Database\",\"publisher\":{\"@id\":\"https:\/\/www.couchbase.com\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.couchbase.com\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.couchbase.com\/blog\/#organization\",\"name\":\"The Couchbase Blog\",\"url\":\"https:\/\/www.couchbase.com\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.couchbase.com\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.couchbase.com\/blog\/wp-content\/uploads\/2023\/04\/admin-logo.png\",\"contentUrl\":\"https:\/\/www.couchbase.com\/blog\/wp-content\/uploads\/2023\/04\/admin-logo.png\",\"width\":218,\"height\":34,\"caption\":\"The Couchbase Blog\"},\"image\":{\"@id\":\"https:\/\/www.couchbase.com\/blog\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.couchbase.com\/blog\/#\/schema\/person\/d75b855801e89467ae2cfe0caef39a15\",\"name\":\"Perry Krug\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.couchbase.com\/blog\/#\/schema\/person\/image\/07fdef12afbaed73ed2879a6d989ae12\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/d526d9acbd39623c0a9c0443617ab51bc75b0d8118706229ff946cea1a223257?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/d526d9acbd39623c0a9c0443617ab51bc75b0d8118706229ff946cea1a223257?s=96&d=mm&r=g\",\"caption\":\"Perry Krug\"},\"description\":\"Perry Krug is the Head of Developer Experience at Couchbase. He has been with Couchbase for over 13 years and has been working with high-performance caching and database systems for over 17.\",\"url\":\"https:\/\/www.couchbase.com\/blog\/author\/perry-krug\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"How x509 Client Certificate Authentication Works | Couchbase","description":"What is certificate-based authentication? It is built by leveraging the X.509 public key infrastructure (PKI) standard to secure authentication at scale.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.couchbase.com\/blog\/x-509-certificate-based-authentication\/","og_locale":"en_US","og_type":"article","og_title":"Authentication With X.509 Certificates","og_description":"What is certificate-based authentication? It is built by leveraging the X.509 public key infrastructure (PKI) standard to secure authentication at scale.","og_url":"https:\/\/www.couchbase.com\/blog\/x-509-certificate-based-authentication\/","og_site_name":"The Couchbase Blog","article_published_time":"2018-04-04T11:58:33+00:00","article_modified_time":"2023-07-12T04:13:18+00:00","og_image":[{"url":"https:\/\/www.couchbase.com\/blog\/wp-content\/uploads\/2018\/04\/Screen-Shot-2018-04-04-at-12.51.05.png","type":"","width":"","height":""}],"author":"Perry Krug","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Perry Krug","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.couchbase.com\/blog\/x-509-certificate-based-authentication\/#article","isPartOf":{"@id":"https:\/\/www.couchbase.com\/blog\/x-509-certificate-based-authentication\/"},"author":{"name":"Perry Krug","@id":"https:\/\/www.couchbase.com\/blog\/#\/schema\/person\/d75b855801e89467ae2cfe0caef39a15"},"headline":"Authentication With X.509 Certificates","datePublished":"2018-04-04T11:58:33+00:00","dateModified":"2023-07-12T04:13:18+00:00","mainEntityOfPage":{"@id":"https:\/\/www.couchbase.com\/blog\/x-509-certificate-based-authentication\/"},"wordCount":759,"commentCount":2,"publisher":{"@id":"https:\/\/www.couchbase.com\/blog\/#organization"},"image":{"@id":"https:\/\/www.couchbase.com\/blog\/x-509-certificate-based-authentication\/#primaryimage"},"thumbnailUrl":"https:\/\/www.couchbase.com\/blog\/wp-content\/uploads\/sites\/1\/2022\/11\/couchbase-nosql-dbaas.png","keywords":["5.5","devbuild"],"articleSection":["Couchbase Server","Security"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.couchbase.com\/blog\/x-509-certificate-based-authentication\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.couchbase.com\/blog\/x-509-certificate-based-authentication\/","url":"https:\/\/www.couchbase.com\/blog\/x-509-certificate-based-authentication\/","name":"How x509 Client Certificate Authentication Works | Couchbase","isPartOf":{"@id":"https:\/\/www.couchbase.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.couchbase.com\/blog\/x-509-certificate-based-authentication\/#primaryimage"},"image":{"@id":"https:\/\/www.couchbase.com\/blog\/x-509-certificate-based-authentication\/#primaryimage"},"thumbnailUrl":"https:\/\/www.couchbase.com\/blog\/wp-content\/uploads\/sites\/1\/2022\/11\/couchbase-nosql-dbaas.png","datePublished":"2018-04-04T11:58:33+00:00","dateModified":"2023-07-12T04:13:18+00:00","description":"What is certificate-based authentication? It is built by leveraging the X.509 public key infrastructure (PKI) standard to secure authentication at scale.","breadcrumb":{"@id":"https:\/\/www.couchbase.com\/blog\/x-509-certificate-based-authentication\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.couchbase.com\/blog\/x-509-certificate-based-authentication\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.couchbase.com\/blog\/x-509-certificate-based-authentication\/#primaryimage","url":"https:\/\/www.couchbase.com\/blog\/wp-content\/uploads\/sites\/1\/2022\/11\/couchbase-nosql-dbaas.png","contentUrl":"https:\/\/www.couchbase.com\/blog\/wp-content\/uploads\/sites\/1\/2022\/11\/couchbase-nosql-dbaas.png","width":1800,"height":630},{"@type":"BreadcrumbList","@id":"https:\/\/www.couchbase.com\/blog\/x-509-certificate-based-authentication\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.couchbase.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Authentication With X.509 Certificates"}]},{"@type":"WebSite","@id":"https:\/\/www.couchbase.com\/blog\/#website","url":"https:\/\/www.couchbase.com\/blog\/","name":"The Couchbase Blog","description":"Couchbase, the NoSQL Database","publisher":{"@id":"https:\/\/www.couchbase.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.couchbase.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.couchbase.com\/blog\/#organization","name":"The Couchbase Blog","url":"https:\/\/www.couchbase.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.couchbase.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.couchbase.com\/blog\/wp-content\/uploads\/2023\/04\/admin-logo.png","contentUrl":"https:\/\/www.couchbase.com\/blog\/wp-content\/uploads\/2023\/04\/admin-logo.png","width":218,"height":34,"caption":"The Couchbase Blog"},"image":{"@id":"https:\/\/www.couchbase.com\/blog\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.couchbase.com\/blog\/#\/schema\/person\/d75b855801e89467ae2cfe0caef39a15","name":"Perry Krug","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.couchbase.com\/blog\/#\/schema\/person\/image\/07fdef12afbaed73ed2879a6d989ae12","url":"https:\/\/secure.gravatar.com\/avatar\/d526d9acbd39623c0a9c0443617ab51bc75b0d8118706229ff946cea1a223257?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d526d9acbd39623c0a9c0443617ab51bc75b0d8118706229ff946cea1a223257?s=96&d=mm&r=g","caption":"Perry Krug"},"description":"Perry Krug is the Head of Developer Experience at Couchbase. He has been with Couchbase for over 13 years and has been working with high-performance caching and database systems for over 17.","url":"https:\/\/www.couchbase.com\/blog\/author\/perry-krug\/"}]}},"authors":[{"term_id":8969,"user_id":24,"is_guest":0,"slug":"perry-krug","display_name":"Perry Krug","avatar_url":"https:\/\/secure.gravatar.com\/avatar\/d526d9acbd39623c0a9c0443617ab51bc75b0d8118706229ff946cea1a223257?s=96&d=mm&r=g","author_category":"","last_name":"Krug","first_name":"Perry","job_title":"","user_url":"","description":"Perry Krug is an Architect in the Office of the CTO focused on customer solutions. He has been with Couchbase for over 8 years and has been working with high-performance caching and database systems for over 12 years."}],"_links":{"self":[{"href":"https:\/\/www.couchbase.com\/blog\/wp-json\/wp\/v2\/posts\/4951","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.couchbase.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.couchbase.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.couchbase.com\/blog\/wp-json\/wp\/v2\/users\/24"}],"replies":[{"embeddable":true,"href":"https:\/\/www.couchbase.com\/blog\/wp-json\/wp\/v2\/comments?post=4951"}],"version-history":[{"count":0,"href":"https:\/\/www.couchbase.com\/blog\/wp-json\/wp\/v2\/posts\/4951\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.couchbase.com\/blog\/wp-json\/wp\/v2\/media\/13873"}],"wp:attachment":[{"href":"https:\/\/www.couchbase.com\/blog\/wp-json\/wp\/v2\/media?parent=4951"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.couchbase.com\/blog\/wp-json\/wp\/v2\/categories?post=4951"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.couchbase.com\/blog\/wp-json\/wp\/v2\/tags?post=4951"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.couchbase.com\/blog\/wp-json\/wp\/v2\/ppma_author?post=4951"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}