Hi,
I am very new to apigee and currently trying to setup an proxy with intercom at the backend. I want to implement fixed backend authorization via a personal access token which needs to be sent in as the username of BASIC AUTH (https://developers.intercom.com/v2.0/docs/personal-access-tokens). It the proxy, I want the consumer to send in a fixed API key. How should I realize this in apigee edge?
I was trying to add a basic auth policy to target pre-flow where I entered the personal access token as the username and leaving blank the password. Unfortunately, apigee won't let me leave the password blank.
Second question is, how to setup the API key for the consumer. I understood, that I have to add a verify API key policy to proxy pre-flow, but i wasn't able to get that working anyways.
Can someone give me a quick ramp up of how to basically setup this kind of implementation?
Thanks,
Michael
Welcome to the community !!!
The basic auth policy requires both username and password. Both these values needs to be passed as variables to this policy using the "ref" attribute.
For your use case, what you could do is, have a javascript policy before the Basic Auth policy with the following code where you set a flow variable to
context.setVariable("somePrefix.username", "your_PAT"); context.setVariable("somePrefix.password", "");
And in your Basic Auth policy
<?xml version="1.0" encoding="UTF-8" standalone="yes"?> <BasicAuthentication async="false" continueOnError="false" enabled="true" name="Basic-Authentication-1"> <DisplayName>Basic Authentication-1</DisplayName> <Operation>Encode</Operation> <IgnoreUnresolvedVariables>false</IgnoreUnresolvedVariables> <User ref="somePrefix.username"/> <Password ref="somePrefix.password"/> <AssignTo createNew="true">request.header.Authorization</AssignTo> </BasicAuthentication>
The encoded value is then set to the Authorization as header.
Let me know if this works !!!
Dear @Michael Schramm ,
Welcome to Apigee Community, Great Questions. Please find answers below.
Regarding, I was trying to add a basic auth policy to target pre-flow where I entered the personal access token as the username and leaving blank the password. Unfortunately, Apigee won't let me leave the password blank.
context.setVariable("intercomPassword", ""); context.setVariable("intercomUsername", "XXXXXXXXXXXXXXX");
<?xml version="1.0" encoding="UTF-8" standalone="yes"?> <BasicAuthentication async="false" continueOnError="false" enabled="true" name="Basic-Authentication-1"> <DisplayName>BA-UpdateTargetAuthorization</DisplayName> <Operation>Encode</Operation> <IgnoreUnresolvedVariables>false</IgnoreUnresolvedVariables> <User ref="intercomUsername"/> <Password ref="intercomPassword"/> <AssignTo createNew="true">request.header.Authorization</AssignTo> </BasicAuthentication>
Second question is, how to setup the API key for the consumer. I understood, that I have to add a verify API key policy to proxy pre-flow, but i wasn't able to get that working anyways.
Keep us posted if you have any queries.
User | Count |
---|---|
2 | |
1 | |
1 | |
1 | |
1 |