How to include user name and password before I call a secured(basic authentication) web service
Hi team,
I am new to APIGEE, I need to call a web service which is secured with basic authentication,
I need to pass user name and password of that service so that request will be authenticated successfully.
Could you please let me know where should I pass credentials.
Many thanks
,
Answer by Barahalikar Siddharth
·
Apr 21 at 12:03 PM
Hi @sairam b, there are multiple approaches to achieve this,
For testing purpose, you can use Postman client where you can enter username & password.
Withing Apigee, what I usually do is,
- First convert your username and password to Base64 string
- Simply use an Assign Message policy with Set >> Headers
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<AssignMessage async="false" continueOnError="false" enabled="true" name="Assign-Message-1">
<DisplayName>Assign Message-1</DisplayName>
<Set>
<Headers>
<Header name="Authorization">Basic <base64 string></Header>
</Headers>
</Set>
<IgnoreUnresolvedVariables>true</IgnoreUnresolvedVariables>
<AssignTo createNew="false" transport="http" type="request"/>
</AssignMessage>
Let me know if it worked.
Answer by Dino
·
Apr 21 at 11:17 PM
Assuming you have the username and password stored *somewhere*, What I would do is use the BasicAuthentication policy, and encode the header. like this:
<BasicAuthentication name="ApplyBasicAuthHeader"> <DisplayName>ApplyBasicAuthHeader</DisplayName> <Operation>Encode</Operation> <IgnoreUnresolvedVariables>false</IgnoreUnresolvedVariables> <User ref="BasicAuth.credentials.username" /> <Password ref="BasicAuth.credentials.password" /> <AssignTo createNew="false">request.header.Authorization</AssignTo> </BasicAuthentication>
Attach that policy into the target request flow. The outbound request will carry the credentials.
