VerifyApikey policy did not populate variable verifyapikey.VerifyAPIKey.client_secret

pengdu30
Participant II

Trying to do a test using basic auth to access Apigee Edge API Proxy and found after successfully verify api key the variable verifyapikey.VerifyAPIKey.client_secret value is blank. Here is the policy I'm using in PreFlow:

<Step>

<Name>verify-api-key</Name>

</Step>

According to following link after VerifyApiKey policy executed successfully the variable verifyapikey.VerifyAPIKey.client_secret value is blank when I using trace:

https://community.apigee.com/questions/19248/can-you-validate-client-key-and-secret-without-gen.html

Any suggestions? Thanks.

0 4 436
4 REPLIES 4

pengdu30
Participant II

After verify-api-key step, I have following step, which catched the mismatch:

<Step> <Condition>verifyapikey.VerifyAPIKey.client_secret != request.queryparam.password</Condition> <Name>RaiseFault-SecretMismatch</Name> </Step>

pengdu30
Participant II

Have some additional findings, if I remove the Condition step, actual in the next step I can see the flow variables populated correctly. Now the issue looks like related to the way how to add the Condition step, should this be wrapped in a policy in order for it to use the flow variables?

pengdu30
Participant II

Found the issue, in Condition the variable name need to be surrounded by {...}, found this when reading https://community.apigee.com/questions/34852/apikey-from-oauth-for-use-in-separate-proxy-with-s.html <Step> <Condition>{verifyapikey.VerifyAPIKey.client_secret} != {request.header.password}</Condition> <Name>RaiseFault-SecretMismatch</Name> </Step>

That seems surprising. But I'm glad you got it sorted!