How to use basic authentication with service callout policy?

Not applicable
 
0 4 1,666
4 REPLIES 4

Not applicable
We can use the Assignmessage policy to set the authorization header and use that in service callout policy.

@Debashish Roy

I am getting a error as below

{"error":"unauthorized","error_description":"An Authentication object was not found in the SecurityContext"}

I am passing below values from Assign Message to Service Callout , the Authentication is BASIC.

<Set>

<Headers>

<Header name="Content-type">application/json</Header>

<Header name="Authorization">Basic</Header>

</Headers>

<FormParams>

<FormParam name="username">ABC</FormParam>

<FormParam name="password">XYZ</FormParam>

<FormParam name="Grant_type">client_credentials</FormParam>

</FormParams>

<Verb>POST</Verb>

</Set>

shawkyfoda
Participant IV

use : Basic Authentication Policy for example:

----------------------------

<BasicAuthentication async="false" continueOnError="false" enabled="true" name="Basic-Authentication-1">

<DisplayName>Basic Authentication 1</DisplayName> <Operation>Encode</Operation> <IgnoreUnresolvedVariables>false</IgnoreUnresolvedVariables>

<User ref="request.formparam.username" />

<Password ref="request.formparam.password" />

<AssignTo createNew="false">request.header.Authorization</AssignTo>

</BasicAuthentication>

This policy will get username and password from form parameters and create a basic authorization in the request header

For more details :

https://docs.apigee.com/api-platform/reference/policies/basic-authentication-policy

@ShawkyFoda

Hi Shawky,

Thanks a lot for taking your time and answering my query.

1 .The Service Callout uses a endpoint, I am pointing that to the Token server to retrieve the token. The BASIC Authentication does not point to any Endpoint. How will the Basic Authentication know when to point.

2. which comes first in the flow , Basic Authentication or Service Callout.

3. Do we have to use KVM as mandatory to pass the values to BASIC Authentication.

4 Can you please let me exact steps for implementing a API Proxy which uses a external BASIC Authentication.

I have see the youtube videos and the docs URL but they do not mention the step by step approach to integrate the two REST API End to end.

The First one is to get the token and the second to get the order details.

thanks

Sushanth Shambharkar