I am trying to connect to an API server requiring Basic Authentication.
I have a KVM created called "MyKVM" with username and password keys (and their values).
I have this KVM Policy attached in the Proxy PreFlow:
<?xml version="1.0" encoding="UTF-8" standalone="yes"?> <KeyValueMapOperations continueOnError="false" enabled="true" name="getCredentials" mapIdentifier="MyKVM" async="false"> <DisplayName>getCredentials</DisplayName> <ExclusiveCache>false</ExclusiveCache> <ExpiryTimeInSecs>300</ExpiryTimeInSecs> <Get assignTo="username" index="1"> <Key> <Parameter>username</Parameter> </Key> </Get> <Get assignTo="password" index="1"> <Key> <Parameter>password</Parameter> </Key> </Get> <Scope>environment</Scope> </KeyValueMapOperations>
I have this Basic Authorization policy attached next in the Proxy PreFlow:
<?xml version="1.0" encoding="UTF-8" standalone="yes"?> <BasicAuthentication name="BasicAuthorization"> <DisplayName>BasicAuthorization</DisplayName> <Operation>Encode</Operation> <IgnoreUnresolvedVariables>false</IgnoreUnresolvedVariables> <User ref="username"/> <Password ref="password"/> <AssignTo createNew="false">request.header.Authorization</AssignTo> </BasicAuthentication>
Now when I attempt to call the API server, the server is sending a 302 (redirect) without accepting my authentication and not resulting in a GET of the API information I'm looking for.
I know this is a very simple process. Please tell me if my Policies are wrong or something on my API server is causing the problem (with the redirect). I've read that a Redirect will strip the Header information but is there a way in Apigee to prevent that or replace the Header information. Thanks.
*** Additional comments***
It's possible my Endpoints or routing is not correct....
The way the API server behaves is:
when you login, it takes you to www.example.com/v2/myAPI
So I'm not sure how to put the Target URL and the basepath.
My current target URL is Default at www.example.com
My current basepath is /v2/myAPI.
Thanks for any help.
Hi @Todd Cavanaugh,
Without knowing your backend details, it would seem odd that invalid authentication would result in a 302; I would instead expect a 401. Can you try calling your backend directly with the credentials and let us know if you still get a 302 redirect?