This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

Is It possible to map from consumer key to basic credentials

Posted on 09-26-2014 06:37 AM
Not applicable
Reply posted on --/--/---- --:-- AM

Hi Guys,

I have a couple of internal web services that take basic auth credentials. what in hoping is to provide the consumers (of which there will only be a hand full) with a key/secret and have apigee translate that into basic username password to be used for the last mile. Is that possible? if not is there another approach I could try?

Cheers

Carl

Solved Solved
1 1 421
Topic Labels
Jump to Solution
1 ACCEPTED SOLUTION

Posted on --/--/---- --:-- AM
rdeandrade
Staff
Reply posted on --/--/---- --:-- AM

Hi Carl,

One option is to use a key value map (http://apigee.com/docs/api-services/reference/key-...) to store the credentials, using the client_id provided to the app developer as the key to the map.

You will then provision the map via the management apis with all the credentials to keys values (http://apigee.com/docs/management/apis/put/organiz...), and invoke a get operation within your proxy to retrieve the credentials form the map, after the api request has been validate.

Sample policy for retrieving the data:

<KeyValueMapOperations name="getUrl" mapIdentifier="urlMapper">
    <Scope>organization</Scope>
    <Get assignTo="authHeader" index='1'>
      <Key>
         <Parameter ref="verifyapikey.verifyApiKey.client_id"/> 
      </Key>
   </Get>
</KeyValueMapOperations>

Where in the example above, the credentials are already stored in the kvm base64 encoded.

The solution above works for simple key validation on the api as well as for oauth, simply update the reference variable to point to where the client_id is coming from (oauth policy, query param, etc)

Once you have the credentials stored in a variable (authHeader in the example above), you'll then use an AssignMessage policy (http://apigee.com/docs/api-services/reference/assi... to add an Authentication header to the request that'll go to your target.

<AssignMessage ...


<Set source='request'>    
    <Headers>      
        <Header name="Authentication">Basic {authHeader}</Header>    
    </Headers> 
</Set>

...


</AssignMessage>

Hope this helps.

Cheers,

Ricardo

View solution in original post

Jump to Solution
1 REPLY 1

Posted on --/--/---- --:-- AM
rdeandrade
Staff
Reply posted on --/--/---- --:-- AM

Hi Carl,

One option is to use a key value map (http://apigee.com/docs/api-services/reference/key-...) to store the credentials, using the client_id provided to the app developer as the key to the map.

You will then provision the map via the management apis with all the credentials to keys values (http://apigee.com/docs/management/apis/put/organiz...), and invoke a get operation within your proxy to retrieve the credentials form the map, after the api request has been validate.

Sample policy for retrieving the data:

<KeyValueMapOperations name="getUrl" mapIdentifier="urlMapper">
    <Scope>organization</Scope>
    <Get assignTo="authHeader" index='1'>
      <Key>
         <Parameter ref="verifyapikey.verifyApiKey.client_id"/> 
      </Key>
   </Get>
</KeyValueMapOperations>

Where in the example above, the credentials are already stored in the kvm base64 encoded.

The solution above works for simple key validation on the api as well as for oauth, simply update the reference variable to point to where the client_id is coming from (oauth policy, query param, etc)

Once you have the credentials stored in a variable (authHeader in the example above), you'll then use an AssignMessage policy (http://apigee.com/docs/api-services/reference/assi... to add an Authentication header to the request that'll go to your target.

<AssignMessage ...


<Set source='request'>    
    <Headers>      
        <Header name="Authentication">Basic {authHeader}</Header>    
    </Headers> 
</Set>

...


</AssignMessage>

Hope this helps.

Cheers,

Ricardo

Jump to Solution