How to include user name and password before I call a secured(basic authentication) web service
Hi team,
I am new to APIGEE, I need to call a web service which is secured with basic authentication,
I need to pass user name and password of that service so that request will be authenticated successfully.
Could you please let me know where should I pass credentials.
Many thanks
,
Answer by Barahalikar Siddharth
·
Apr 21 at 12:03 PM
Hi @sairam b, there are multiple approaches to achieve this,
For testing purpose, you can use Postman client where you can enter username & password.
Withing Apigee, what I usually do is,
- First convert your username and password to Base64 string
- Simply use an Assign Message policy with Set >> Headers
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<AssignMessage async="false" continueOnError="false" enabled="true" name="Assign-Message-1">
<DisplayName>Assign Message-1</DisplayName>
<Set>
<Headers>
<Header name="Authorization">Basic <base64 string></Header>
</Headers>
</Set>
<IgnoreUnresolvedVariables>true</IgnoreUnresolvedVariables>
<AssignTo createNew="false" transport="http" type="request"/>
</AssignMessage>
Let me know if it worked.
@Barahalikar Siddharth . I followed above steps shared by you. But I am getting below error.
20003
Your AccountSid or AuthToken was incorrect.
Authentication Error - No credentials provided
https://www.twilio.com/docs/errors/20003>
401
I have used postman client and attached is screenshot for your reference. Request you to please help here.
Answer by Dino
·
Apr 21 at 11:17 PM
Assuming you have the username and password stored *somewhere*, What I would do is use the BasicAuthentication policy, and encode the header. like this:
<BasicAuthentication name="ApplyBasicAuthHeader"> <DisplayName>ApplyBasicAuthHeader</DisplayName> <Operation>Encode</Operation> <IgnoreUnresolvedVariables>false</IgnoreUnresolvedVariables> <User ref="BasicAuth.credentials.username" /> <Password ref="BasicAuth.credentials.password" /> <AssignTo createNew="false">request.header.Authorization</AssignTo> </BasicAuthentication>
Attach that policy into the target request flow. The outbound request will carry the credentials.
@Dino , as per your above comment "Assuming you have the username and password stored *somewhere*" . Could you please let m eknow where we can store username and password.
Can we store inside APIs-> Environment configuration->KVM or in some other place?
If you would like to store in Apigee, I suggest Encrypted KVM.
@Anil Sagar Thansk for quick response. I encrypted Account SID and Auth Token in KVM. and used basic auth policy in target end point pre flow as below.
and while sending request i used header Authorization:Basic XXXX.BUt i am getting below error message.
{ "fault": { "faultstring": "Unresolved variable : BasicAuth.credentials.Account SID", "detail": { "errorcode": "steps.basicauthentication.UnresolvedVariable" } } }
Request you to help me here
