How to include user name and password before I call a secured(basic authentication) web service

Question

Hi team,

I am new to APIGEE, I need to call a web service which is secured with basic authentication,

I need to pass user name and password of that service so that request will be authenticated successfully.

Could you please let me know where should I pass credentials.

Many thanks

,

Answer 1

Answer by Siddharth Barahalikar · Apr 21, 2017 at 12:03 PM

Hi @sairam b, there are multiple approaches to achieve this,

For testing purpose, you can use Postman client where you can enter username & password.

Withing Apigee, what I usually do is,

First convert your username and password to Base64 string
Simply use an Assign Message policy with Set >> Headers

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<AssignMessage async="false" continueOnError="false" enabled="true" name="Assign-Message-1">
    <DisplayName>Assign Message-1</DisplayName>
    <Set>
        <Headers>
            <Header name="Authorization">Basic <base64 string></Header>
        </Headers>
    </Set>
    
    <IgnoreUnresolvedVariables>true</IgnoreUnresolvedVariables>
    <AssignTo createNew="false" transport="http" type="request"/>
</AssignMessage>

Let me know if it worked.

Add comment Show 1 · Link

10 |5000 characters needed characters left characters exceeded

ramakrishna.mangi · Jul 04, 2017 at 08:22 AM 0

Link

@Barahalikar Siddharth . I followed above steps shared by you. But I am getting below error.

20003 Your AccountSid or AuthToken was incorrect. Authentication Error - No credentials provided https://www.twilio.com/docs/errors/20003> 401

I have used postman client and attached is screenshot for your reference. Request you to please help here.

screenshot.png

screenshot.png (52.4 kB)

Answer 2

Answer by Dino · Apr 21, 2017 at 11:17 PM

Assuming you have the username and password stored *somewhere*, What I would do is use the BasicAuthentication policy, and encode the header. like this:

<BasicAuthentication name="ApplyBasicAuthHeader">
   <DisplayName>ApplyBasicAuthHeader</DisplayName>
   <Operation>Encode</Operation>
   <IgnoreUnresolvedVariables>false</IgnoreUnresolvedVariables>
   <User ref="BasicAuth.credentials.username" />
   <Password ref="BasicAuth.credentials.password" />
   <AssignTo createNew="false">request.header.Authorization</AssignTo>
</BasicAuthentication>

Attach that policy into the target request flow. The outbound request will carry the credentials.

Add comment Show 5 · Link

10 |5000 characters needed characters left characters exceeded

ramakrishna.mangi · Jul 04, 2017 at 09:23 AM 0

Link

@Dino , as per your above comment "Assuming you have the username and password stored *somewhere*" . Could you please let m eknow where we can store username and password.

Can we store inside APIs-> Environment configuration->KVM or in some other place?

Anil Sagar @ Google ♦♦ ramakrishna.mangi

· Jul 04, 2017 at 09:37 AM 0

Link

If you would like to store in Apigee, I suggest Encrypted KVM.

ramakrishna.mangi Anil Sagar @ Google ♦♦ · Jul 04, 2017 at 10:09 AM 0

Link

@Anil Sagar Thansk for quick response. I encrypted Account SID and Auth Token in KVM. and used basic auth policy in target end point pre flow as below.

and while sending request i used header Authorization:Basic XXXX.BUt i am getting below error message.

{ "fault": { "faultstring": "Unresolved variable : BasicAuth.credentials.Account SID", "detail": { "errorcode": "steps.basicauthentication.UnresolvedVariable" } } }

Request you to help me here

target-end-point-pre-flow.png (23.7 kB)

Show more comments

Get answers, ideas, and support from the Apigee Community

How to include user name and password before I call a secured(basic authentication) web service

2 Answers

Follow this Question

Related Questions