Please share Adding Basic Authentication policy Examples not from docs...
I would like to add a basic auth policy and get it validated, but it is not working for me...
Hi Nagesh, are you trying to protect a resource with Basic Authentication in Apigee? The Basic Authentication policy encodes and decodes variable(s). If you want to validate against some credentials, you can try the Sample API Proxy from this answer. There are other ways to implement it, but personally I'd recommend leveraging Express.
Although OAuth 2.0 client credentials is a preferred way to go, here are the steps:
<BasicAuthentication name="Basic-Authentication-Header">
    <DisplayName>Basic Authentication Header</DisplayName>
    <Operation>Decode</Operation>
    <IgnoreUnresolvedVariables>false</IgnoreUnresolvedVariables>
    <!-- Decode writes the user and password from the header into these variables -->
    <User ref="request.header.client_id" />
    <Password ref="request.header.client_secret" />
    <Source>request.header.Authorization</Source>
</BasicAuthentication>

<VerifyAPIKey name="Verify-API-Key">
    <DisplayName>Verify API Key</DisplayName>
    <FaultRules/>
    <Properties/>
    <!-- Must be the same variable the Decode policy above writes the user to -->
    <APIKey ref="request.header.client_id"/>
</VerifyAPIKey>
I hope this helps.
I tried it like this and added the headers as well, but every time it shows an error like the one below:
{"fault": {
"faultstring": "Failed to resolve API Key variable request.header.client_id",
"detail": {"errorcode": "steps.oauth.v2.FailedToResolveAPIKey"}
}}
It looks like you are setting the apikey in the flow and passing the value in "request.header.client_id".
Check the apikey value you are passing in the header.
@nagesh If you are trying to use the Basic Authentication policy for protecting your api, then that's not the right usage for the policy. The policy is not meant to provide basic authentication for a resource or apiproxy, rather it allows you to encode/decode a basic authentication header.
For example, if you have a backend api that requires basic authentication, you might want to use the basic authentication header to encode the request parameters into a base 64 encoded string and then pass it to the backend api as basic authentication header. Here's a simple example:
In this example, we are using the request headers "username" and "password" to generate the base64 encoded Basic Authentication header:
<BasicAuthentication name="BasicAuthentication">
    <DisplayName>BasicAuthentication</DisplayName>
    <Operation>Encode</Operation>
    <IgnoreUnresolvedVariables>false</IgnoreUnresolvedVariables>
    <User ref="request.header.username" />
    <Password ref="request.header.password" />
    <AssignTo createNew="true">request.header.Authorization</AssignTo>
    <Source>request.header.Authorization</Source>
</BasicAuthentication>
Now if this policy is attached to the request preflow, it can prepare the Authorization header containing the credentials to the target:
<ProxyEndpoint name="default">
    <Description/>
    <PreFlow name="PreFlow">
        <Request>
            <Step>
                <!-- Must match the name attribute of the policy above -->
                <Name>BasicAuthentication</Name>
            </Step>
        </Request>
        <Response/>
    </PreFlow>
    <Flows/>
    <PostFlow name="PostFlow">
        <Request/>
        <Response/>
    </PostFlow>
    <HTTPProxyConnection>
        <BasePath>/apigee-demo</BasePath>
        <VirtualHost>default</VirtualHost>
        <VirtualHost>secure</VirtualHost>
    </HTTPProxyConnection>
    <RouteRule name="default">
        <TargetEndpoint>default</TargetEndpoint>
    </RouteRule>
</ProxyEndpoint>
However, it might be more appropriate to attach the policy to a flow in the target.
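The thread's point that encoding or decoding the header is separate from validating credentials, shown as an added example in plain Node.js; it is not code from any poster here and not Apigee's implementation. The function names and the in-memory `store` are assumptions made for illustration.

```javascript
// Added example in plain Node.js; not Apigee's implementation.
// All function names here are hypothetical.

// Encode: build the header value the backend expects.
function encodeBasic(user, password) {
  // The first ':' separates user from password, so the user may not contain one.
  if (user.includes(':')) throw new Error('user must not contain ":"');
  return 'Basic ' + Buffer.from(user + ':' + password, 'utf8').toString('base64');
}

// Decode: split the header back into user and password.
// Returns null for a missing scheme, bad base64, or a payload without ':'.
function decodeBasic(headerValue) {
  if (typeof headerValue !== 'string') return null;
  const m = /^Basic +([A-Za-z0-9+\/]+={0,2})$/i.exec(headerValue.trim());
  if (!m) return null;
  const raw = Buffer.from(m[1], 'base64');
  // Buffer.from() silently skips bad input, so require a clean round trip.
  if (raw.toString('base64') !== m[1]) return null;
  const text = raw.toString('utf8');
  const sep = text.indexOf(':');
  if (sep < 0) return null;
  // Only the first ':' splits; the password may contain more of them.
  return { user: text.slice(0, sep), password: text.slice(sep + 1) };
}

// Compare without stopping at the first differing byte.
function constantTimeEqual(a, b) {
  const x = Buffer.from(a, 'utf8');
  const y = Buffer.from(b, 'utf8');
  let diff = x.length ^ y.length;
  for (let i = 0; i < x.length; i++) diff |= x[i] ^ y[i % (y.length || 1)];
  return diff === 0;
}

// Decoding is not authentication: the decoded values still need a check.
// `store` is a constructed Map of user -> password standing in for a real store.
function authenticate(headerValue, store) {
  const creds = decodeBasic(headerValue);
  if (!creds) return false;
  const known = store.has(creds.user);
  const matches = constantTimeEqual(creds.password, known ? store.get(creds.user) : '');
  return known && matches;
}
```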