Solved: Target system needs basic authentication in header

mugdhadharmadhi · 08-24-2020 11:02 AM

Hi,

I am new to Apigee. I am trying to pass basic authorization userid and password in the header.

I need to pass it to target server though I do not want to accept it from users. I want to hardcode it in the Assign message policy.

Where should I add the assign message policy for the header? Below is my code in assign message:

<header name="Authorization">Basic encodeduserid:password</header> <header name="X-APIMS">value</header>

</Headers>

Can you please suggest what am I missing here?

How can I check if the correct header is being passed to the call? Is there place I can see all the headers?

nagashree_b

Hi Mugdha,

You can add the assignmessage policy to your target endpoint's request preflow.

A good practice is to have the basic auth credentials stored in an encrypted KVM and retrieve the value using the KVM-Operations policy with a fetch operation.

Secondly, you can also use a Basic Authentication policy with the encode operation to set the base64 encoded value into the header without the use of assign message policy.

You can refer to the samples at - https://docs.apigee.com/api-platform/reference/policies/basic-authentication-policy#samples

View solution in original post

Report Inappropriate Content

You can set the headers in assign message policy and configure this anywhere in the request flow that is the request of preflow, request of post flow of either proxy endpoint, or target endpoint. You can see the headers immediately after the policy in the trace. But I would suggest seeing the curl request details just before the request to the target server.

I see you are using lower case header tag

<header name="Authorization">Basic encodeduserid:password</header> <header name="X-APIMS">value</header>

and you should use Header in the upper case.

By default your Authorization header value will be seen as ***** in trace and I would suggest to put the confidential information in encrypted KVM or private.varibalename in the flow.

View solution in original post

nagashree_b

Hi Mugdha,

You can add the assignmessage policy to your target endpoint's request preflow.

A good practice is to have the basic auth credentials stored in an encrypted KVM and retrieve the value using the KVM-Operations policy with a fetch operation.

Secondly, you can also use a Basic Authentication policy with the encode operation to set the base64 encoded value into the header without the use of assign message policy.

You can refer to the samples at - https://docs.apigee.com/api-platform/reference/policies/basic-authentication-policy#samples

mugdhadharmadhi

Thank you Nagashree. It was helpful.

Report Inappropriate Content

You can set the headers in assign message policy and configure this anywhere in the request flow that is the request of preflow, request of post flow of either proxy endpoint, or target endpoint. You can see the headers immediately after the policy in the trace. But I would suggest seeing the curl request details just before the request to the target server.

I see you are using lower case header tag

<header name="Authorization">Basic encodeduserid:password</header> <header name="X-APIMS">value</header>

and you should use Header in the upper case.

By default your Authorization header value will be seen as ***** in trace and I would suggest to put the confidential information in encrypted KVM or private.varibalename in the flow.

mugdhadharmadhi

hi Priyadarshi,

When I changed header to Header it helped me to see the header that I was not able to see.

It was helpful. Thank you.

Thanks,

Mugdha

Report Inappropriate Content

You are welcome.

asuboh

@Priyadarshi Ajitav Jena hello dear ,

Iam facing the same issue and im new to apigee , can you please help me how to add authntication header to the target step by step .

Report Inappropriate Content

@Suboh, you need to create one assign message policy. In the set section <Headers/> will be there.

Replace that to

<Header name="Authorization">Basic encodeduserid:password value</Header>

Encoded userid and password will be of base64 encoding.

Assign the policy to target endpoint preflow request.