How to include user name and password before I call a secured (basic authentication) web service

Not applicable

Hi team,

I am new to APIGEE, I need to call a web service which is secured with basic authentication,

I need to pass user name and password of that service so that request will be authenticated successfully.

Could you please let me know where I should pass the credentials?

Many thanks

9 REPLIES

Not applicable
@Birute Awasthi

any pointers on this ??

sidd-harth
Participant V

Hi @sairam b, there are multiple approaches to achieve this,

For testing purposes, you can use the Postman client, where you can enter the username & password.

Within Apigee, what I usually do is,

  • First convert your username and password to Base64 string
  • Simply use an Assign Message policy with Set >> Headers
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<AssignMessage async="false" continueOnError="false" enabled="true" name="Assign-Message-1">
    <DisplayName>Assign Message-1</DisplayName>
    <Set>
        <Headers>
            <!-- BASE64_STRING is a placeholder: the Base64 encoding of username:password -->
            <Header name="Authorization">Basic BASE64_STRING</Header>
        </Headers>
    </Set>
    
    <IgnoreUnresolvedVariables>true</IgnoreUnresolvedVariables>
    <AssignTo createNew="false" transport="http" type="request"/>
</AssignMessage>

Let me know if it worked.

@Barahalikar Siddharth, I followed the above steps shared by you, but I am getting the below error.

<?xml version='1.0' encoding='UTF-8'?> <TwilioResponse> <RestException> <Code>20003</Code> <Detail>Your AccountSid or AuthToken was incorrect.</Detail> <Message>Authentication Error - No credentials provided</Message> <MoreInfo>https://www.twilio.com/docs/errors/20003</MoreInfo> <Status>401</Status> </RestException> </TwilioResponse>

I have used the Postman client, and a screenshot is attached for your reference. Request you to please help here.

screenshot.png

Assuming you have the username and password stored *somewhere*, what I would do is use the BasicAuthentication policy and encode the header, like this:

<BasicAuthentication name="ApplyBasicAuthHeader">
   <DisplayName>ApplyBasicAuthHeader</DisplayName>
   <Operation>Encode</Operation>
   <IgnoreUnresolvedVariables>false</IgnoreUnresolvedVariables>
   <User ref="BasicAuth.credentials.username" />
   <Password ref="BasicAuth.credentials.password" />
   <AssignTo createNew="false">request.header.Authorization</AssignTo>
</BasicAuthentication>

Attach that policy into the target request flow. The outbound request will carry the credentials.

@Dino, as per your above comment "Assuming you have the username and password stored *somewhere*", could you please let me know where we can store the username and password?

Can we store them inside APIs -> Environment configuration -> KVM or in some other place?

If you would like to store in Apigee, I suggest Encrypted KVM.

@Anil Sagar Thanks for the quick response. I encrypted the Account SID and Auth Token in KVM and used the basic auth policy in the target end point pre flow as below.

5237-target-end-point-pre-flow.png

And while sending the request I used the header Authorization:Basic XXXX. But I am getting the below error message.

{ "fault": { "faultstring": "Unresolved variable : BasicAuth.credentials.Account SID", "detail": { "errorcode": "steps.basicauthentication.UnresolvedVariable" } } }

Request you to help me here

@Anil Sagar I have used the decode operation in the basic authentication policy, and while sending the request used the Authorization header for credentials as base64 (encoded). This helped to resolve the issue.

But if I want to use the encode operator and I don't want to send encoded credentials as the Authorization header while sending the request, is there any way to help this?

@ramakrishna.mangi, the Basic Authentication policy in Apigee Edge helps you either encode the username & password to Base64 and set the Authorization header, given a username & password, or decode the Authorization header and set the username & password as flow variables, given a Base64 Auth header. That's all it does.

Apigee by default sends all the information to the target. If you pass headers it will just pass the same to the target; if you pass query parameters, it will just pass them to the target by default. If you would like to manipulate them in the middle, you can do so using policies.

Hope it helps.
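
The approach discussed in this thread (credentials kept in an encrypted KVM, then the BasicAuthentication policy with the Encode operation), written out as an added example that is not part of the original posts. The KVM name `backend-credentials`, its keys `username` and `password`, the variable names and the policy name `KVM-Get-Backend-Credentials` are assumptions. Values from an encrypted KVM have to be read into variables prefixed with `private.`, and each `ref` must name a variable that was actually populated, otherwise the policy raises the `steps.basicauthentication.UnresolvedVariable` fault quoted above.

```xml
<!-- Policy 1 (assumed names): read the stored credentials from an
     environment-scoped encrypted KVM into private.* flow variables. -->
<KeyValueMapOperations name="KVM-Get-Backend-Credentials" mapIdentifier="backend-credentials">
    <Scope>environment</Scope>
    <ExpiryTimeInSecs>300</ExpiryTimeInSecs>
    <Get assignTo="private.backend.username">
        <Key>
            <Parameter>username</Parameter>
        </Key>
    </Get>
    <Get assignTo="private.backend.password">
        <Key>
            <Parameter>password</Parameter>
        </Key>
    </Get>
</KeyValueMapOperations>

<!-- Policy 2: build "Basic base64(username:password)" from those variables.
     IgnoreUnresolvedVariables=false makes a missing credential fail the
     request in the proxy instead of sending a malformed header to the target. -->
<BasicAuthentication name="ApplyBasicAuthHeader">
    <DisplayName>ApplyBasicAuthHeader</DisplayName>
    <Operation>Encode</Operation>
    <IgnoreUnresolvedVariables>false</IgnoreUnresolvedVariables>
    <User ref="private.backend.username"/>
    <Password ref="private.backend.password"/>
    <AssignTo createNew="false">request.header.Authorization</AssignTo>
</BasicAuthentication>

<!-- Target endpoint PreFlow: the KVM lookup must run before the encode step,
     so the variables exist when BasicAuthentication resolves its refs. -->
<PreFlow name="PreFlow">
    <Request>
        <Step>
            <Name>KVM-Get-Backend-Credentials</Name>
        </Step>
        <Step>
            <Name>ApplyBasicAuthHeader</Name>
        </Step>
    </Request>
    <Response/>
</PreFlow>
```

With this flow the calling client does not need to send the backend credentials, and they do not appear in the proxy bundle.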