This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.
Log in to ask a question

Target Endpoint requires Basic Auth with authorization header but keep getting a 500 Internal server error

Posted on 08-08-2018 08:51 AM
adamsanchez
Bronze 3
Bronze 3
Reply posted on --/--/---- --:-- AM

I seem to be going round in circles with trying to implement an API proxy in which the target endpoint uses basic auth [username] and [password] and expects an authorization header.

Using the basic auth policy on the target preflow i have it as follows :

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<BasicAuthentication async="false" continueOnError="false" enabled="true" name="Basic-Authentication-2">
    <DisplayName>Basic Authentication-1</DisplayName>
    <Operation>Decode</Operation>
    <IgnoreUnresolvedVariables>false</IgnoreUnresolvedVariables>
    <User ref="request.header.username"/>
    <Password ref="request.header.password"/>
    <AssignTo createNew="false">request.header.Authorization</AssignTo>
    <Source>request.header.Authorization</Source>
</BasicAuthentication>
Solved Solved
0 15 4,641
Topic Labels
Jump to Solution
0 Likes
1 ACCEPTED SOLUTION

Posted on --/--/---- --:-- AM
amitkumar2091
New Member
Reply posted on --/--/---- --:-- AM

You are using decode operation , does the request already have Basic base64encodedstring in Authorization header required by target system ?

Basic Authentication supports outbound encoding and inbound decoding.

Outbound Encoding

When request have username and password in simple text and it need to be encoded and added to authorization header(or anywhere else) before hitting target.

Below code will take simple text username and password from request headers , base64 encode it and set it to Authorization header.

<BasicAuthentication name="ApplyBasicAuthHeader">
   <DisplayName>ApplyBasicAuthHeader</DisplayName>
   <Operation>Encode</Operation>
   <IgnoreUnresolvedVariables>false</IgnoreUnresolvedVariables>
   <User ref="request.header.username" />
   <Password ref="request.header.password" />
   <AssignTo createNew="false">request.header.Authorization</AssignTo>
</BasicAuthentication>

Inbound Decoding

When request/response contains base64encoded string and need to decode it in simple text for furthur use.

Below code will take value of authorization header (Basic <base64encodedstring> ) , decode it and assign it to username and password headers.

<BasicAuthentication name="DecodeBaseAuthHeaders">
   <DisplayName>Decode Basic Authentication Header</DisplayName>
   <Operation>Decode</Operation>
   <IgnoreUnresolvedVariables>false</IgnoreUnresolvedVariables>
   <User ref="request.header.username" />
   <Password ref="request.header.password" />
   <Source>request.header.Authorization</Source>
</BasicAuthentication>

Please take this docs refrence for furthur clarification and configure policy according to your need.

Hope this will help !!!

View solution in original post

Jump to Solution
0 Likes
15 REPLIES 15
Top Solution Authors
View all