Error while implementing Basic Authorization Policy


Hi All,

I am new to Apigee and started implementing proxies. I am facing the below error while using the Basic Authorization policy. Please help with the same.

{ "error": { "name": "Unauthorized", "message": "User Credentials are invalid" } }


Can you please provide details of the policy? Add the policy here?

The error is very clear that the credentials are wrong. The first thing I would check is the credentials.

Dear @Ajay,

Welcome to Apigee Community.

This policy does not enforce Basic Authentication on a request to an API proxy. Instead, you use it to Base64 encode/decode credentials, typically when connecting to a backend server or using a service callout policy, such as the Service Callout policy, that requires Basic Authentication.

You will use the Basic Authentication policy in the scenarios below:

* Your Backend API is authenticated via Basic Authentication mode using Authorization Header

Scenario 1 :

Your backend API is authenticated using the Authorization header, but your API proxy accepts a username and password. If you would like to Base64 encode the username and password and send them to the backend API as the Authorization header, then you will use the Basic Authentication policy.

Scenario 2 :

Your proxy is secured using techniques like OAuth, but your backend API is protected using Basic Authentication, and you would like to implement last-mile security in Apigee. For example, you secure the proxy using keys and, after verification, hit the backend API using Basic Auth as last-mile security.

Cheers,

Anil Sagar

In my case, Scenario 1 is applicable, and below are the policy details:

<BasicAuthentication async="false" continueOnError="false" enabled="true" name="basic_authentication">
  <DisplayName>basic_authentication</DisplayName>
  <Operation>Encode</Operation>
  <IgnoreUnresolvedVariables>false</IgnoreUnresolvedVariables>
  <User ref="username"/>
  <Password ref="password"/>
  <AssignTo createNew="false">request.header.Authorization</AssignTo>
  <Source>request.header.Authorization</Source>
</BasicAuthentication>

I am entering the username and password for Base64 and putting the Base64 value as a header while hitting the backend.

username and password: what are these two variables? How are you populating them? Both of these are Apigee flow variables, and this configuration expects them to be populated previously using an Assign Message policy, a JavaScript policy, or anything similar.

I am using the username and password from KVM and after that using Basic Authentication to retrieve the value from the backend.

My backend URL is:

https://apigee-edu-test.apigee.net/v1/apieatery

My request:

http://ajay5983-test.apigee.net/api/chefs

Please suggest.

@Ajay, what is the source of the username and password? Are you sending them in your API request headers / query params / payload?

I have used KVM to store username and password and trying to fetch the map details with basic authentication policy by using the Basic Auth option from Apigee conso

@Ajay, then you need to use the KVM policy before the Basic Auth policy to populate the flow variables. For more details, please see KVM Policy.

I am using the username and password from KVM and after that using Basic Authentication to retrieve the value from the backend.

My backend URL is:

https://apigee-edu-test.apigee.net/v1/apieatery

My request:

http://ajay5983-test.apigee.net/api/chefs

I have used the KVM policy before Basic Authorization as below:

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<KeyValueMapOperations async="false" continueOnError="false" enabled="true" name="kvm_get" mapIdentifier="practice">
  <DisplayName>kvm_get</DisplayName>
  <Get assignTo="username" index="1">
    <Key>
      <Parameter>username</Parameter>
    </Key>
  </Get>
  <Get assignTo="password" index="1">
    <Key>
      <Parameter>password</Parameter>
    </Key>
  </Get>
  <Scope>organization</Scope>
</KeyValueMapOperations>

Need further suggestions to complete the task.

@Ajay, please use the Apigee trace tool to debug the issue; most probably you might not be reading the KVM values properly. It's an implementation issue. Please recheck your API proxy. KVM and Basic Auth work as per design. Make sure you have set the right values in KVM and are reading them using the correct variables.

BTW, your backend is not secured at all; it says cannot get /. Please recheck the entire implementation.

On tracing the result:

I am getting the error at the time when the response is received from the target server. Below is the error:

{"error":{"message":"User Credentials are invalid","name":"Unauthorized"}}

What is to be checked in this case?

Please check whether you can make a curl / Postman call to the backend directly and whether it works as expected.

@Anil: Getting the same error on Postman also.

@Ajay, it's a backend issue. Please check your backend permissions / security settings. Closing this question since it's not related to Apigee Edge.
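A check that fits the debugging steps in this thread, added here as an example and not code from any poster or from Apigee: it decodes an Authorization header value captured from a trace and reports why it would not match the credentials the backend expects. The function names and sample credentials are hypothetical, and the header layout assumed is the standard Basic scheme (RFC 7617), Base64 of `user:password`.

```python
import base64
import binascii
import hmac


def encode_basic(user: str, password: str) -> str:
    """Build a Basic Authorization header value from a user and password."""
    if ":" in user:
        raise ValueError("user-id must not contain ':' (RFC 7617)")
    token = base64.b64encode(f"{user}:{password}".encode("utf-8")).decode("ascii")
    return f"Basic {token}"


def diagnose_basic(header: str, expected_user: str, expected_password: str) -> list:
    """Return the problems found in an Authorization header; empty list means a match."""
    scheme, _, token = header.partition(" ")
    if scheme.lower() != "basic" or not token.strip():
        return ["not a Basic credential"]
    try:
        raw = base64.b64decode(token.strip(), validate=True).decode("utf-8")
    except (binascii.Error, UnicodeDecodeError):
        return ["token is not valid Base64-encoded UTF-8"]
    if ":" not in raw:
        return ["decoded value has no ':' separator"]
    user, password = raw.split(":", 1)  # only the first colon separates the fields
    problems = []
    for name, value in (("user", user), ("password", password)):
        if value == "":
            problems.append(f"{name} is empty (flow variable not populated?)")
        elif value != value.strip():
            problems.append(f"{name} has leading/trailing whitespace")
    # Constant-time comparison so the check itself does not leak the secret.
    if not hmac.compare_digest(user.encode(), expected_user.encode()):
        problems.append("user does not match expected value")
    if not hmac.compare_digest(password.encode(), expected_password.encode()):
        problems.append("password does not match expected value")
    return problems


if __name__ == "__main__":
    # Constructed sample values, not taken from the thread.
    samples = [
        encode_basic("chef", "s3cr:et"),    # correct
        encode_basic("", ""),               # both variables empty
        encode_basic("chef", "s3cr:et\n"),  # stored value has a trailing newline
        "Bearer abc",                       # wrong scheme
    ]
    for header in samples:
        print(diagnose_basic(header, "chef", "s3cr:et"))
```

An empty result for the header seen in the trace means the proxy encoded what was intended, which points the investigation at the backend or at the stored credentials themselves.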