This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

Basic authentication

Posted on 08-24-2016 10:27 PM
Not applicable
Reply posted on --/--/---- --:-- AM

Hi All,

I am new to this apigee so i need your suggestions to make an API/webservice. Please help me on this.I have few questions here about basic authentication.Please check the following

1. How to use basic authentication?

2. I need to prompt the screen for providing the username and password?

3. Will there be any possibility to use basic authentication without using any of the javascript,java and node.js?

4. What are the policies required to work basic authentication ?

Could you please help me to understand and learn about this.

Thanks&Regards

Rajasekhar

1 7 2,417
Topic Labels
7 REPLIES 7

Posted on --/--/---- --:-- AM
Not applicable
Reply posted on --/--/---- --:-- AM

Hello @Rajasekhar ,

I feel you would find enough details here

0 Likes

Posted on --/--/---- --:-- AM
Not applicable
Reply posted on --/--/---- --:-- AM

Hi Basu,

Thank you

I have reviewed and tried whatever there but still not working i.e., i am asking complete info step by step if possible to make an authentication

Thanks&Regards

Rajasekhar

0 Likes

Posted on --/--/---- --:-- AM
anilsr
Staff
Reply posted on --/--/---- --:-- AM

Dear @Rajasekhar ,

Welcome to Apigee Community. Great Questions, Please find details below.

1. How to use basic authentication ?

  • Apigee provides many features in Apigee Edge that helps you work with existing APIs & build new APIs.Working with Basic Authentication is also one among them & certain functionality is out of the box. Basic Authentication policy falls under same.
  • How Apigee can help you related to Basic Authentications ?
    • It can help you secure open API with Basic Authentication.
    • It can help you construct Basic Authentication header for target API where on API Proxy side you can use better security like OAuth.
  • What does Basic Authetication Policy does ?
    • Extract username & password from given authorization header in request.
    • Construct new authorization header given username and password in request & send authorization header to target API.

2. I need to prompt the screen for providing the username and password ?

  • Very Interesting requirement, Yes, You can implement this in Apigee. See an excellent article that explains how browser prompts work here .
  • You need to use RaiseFault policy in proxy that check for Authorization header and sends back 401 with header www-authenticate basic.
  • See example proxy attached basicauth-rev1-2016-08-25.zip & play with sample api here.

3. Will there be any possibility to use basic authentication without using any of the javascript,java and node.js?

  • Yes, I hope answers to 1 & 2 clarifies same.

4. What are the policies required to work basic authentication ?

  • It depends on your use case,
    • For example, If you want to extract username & password then you use Basic Authentication Policy.
    • If you would like to validate the credentials with some other server, you will use Service callout Policy.
    • If you would like to do any validate on credentials & set some custom response, you will user Raise Fault or Assign Message with policy condition.
    • If you would like to construct a new authorization header you will use Basic Authentication policy with encode operation.

Hope it helps.

basicauth-rev1-2016-08-25.zip

Posted on --/--/---- --:-- AM
Not applicable
In response to anilsr
Reply posted on --/--/---- --:-- AM

Has anyone had success getting basic auth to work with a call from Twilio?

0 Likes

Posted on --/--/---- --:-- AM
dchiesa1
Staff
In response to
Reply posted on --/--/---- --:-- AM

Seems like a "new" question Jeremy. Maybe try posting it as one.

(Also I'm not sure what it means when you say "from Twilio", so maybe include more details when you post the new question).

0 Likes

Posted on --/--/---- --:-- AM
Not applicable
Reply posted on --/--/---- --:-- AM

@Anil Sagar

Hi Anil,

I am very new to Apigee. Use to follow your video on Apigee portal. It's very short and effective. Thanks for those videos. 🙂

Try to accomplish one use case via Apigee. Let say Our target system doesn't require any username/password or any token to access their API. But I want to create a reverse proxy on their API with a basic credential or token based auth. I want to generate username/password or token on Edge and save it somewhere. Once a client calls my reverse proxy with username/password, Edge will validate it with generated credential and process to target system accordingly.

,

@ Anil Sagar

Hi Anil,

I am very new to Apigee. Just try to accomplish some use case on Apigee.

Let say I have a target system which doesn't require username/ password or any other authentication method but I want to implement authentication on my reserve proxy. Want to generate some token or basic credential on Edge and store somewhere. Once a client calls my reverse proxy with the credential, Apigee will validate with the generated token or username/password and process to the target application accordingly.

0 Likes

Posted on --/--/---- --:-- AM
anilsr
Staff
In response to
Reply posted on --/--/---- --:-- AM

@Supratim Das , Welcome to Apigee Community !!

Answers are strictly for answers. Please post a new Question.

0 Likes