Bearer Token vs Basic.
I understand using Bearer Tokens is the way forward and not Basic Authentication username/password. But I wonder if there is any real world benefit in Epicor? I assumed the Bearer Token approach is faster than Basic Authentication for repeated calls, but in testing this theory I didn’t see any performance improvement. Put that together with the additional workarounds in Epicor (e.g. TokenResource.svc doesn’t handle token refresh etc), Basic still seems the way go to? - don’t @ me 
.
Putting my case forward…
I assumed (probably incorrectly) that using Basic authentication would re-evaluate the username password then process the request on every request. The other assumption being if its using a Bearer token, the evaluation would be done on the first call, then avoid the overhead of reauthenticating the token on subsequent calls until it expires? Which is how I ended up on this thread, looking for a token refresh option.
I was thinking along the same lines as the post where @Bart_Elia mentiond BOReader is faster than BAQ due to the overhead of the BAQ security checks.
I’d be interested in your thoughts on this.
PS I’m on 10.2.700 if that makes any difference.
Cheers,
John’o