You can use client certificates to authenticate ARDI users for both the web interface and APIs.
This skips the need to perform any type of conventional authentication, as your request contains the full security certificate that identifies the user or application.
In this case, the SSL certificate must have a 'CN' that is the full name of an ARDI user. When any call is made to the ARDI system using the client certificate, it will be as if this specific user was signed in.