Basic Authentication: Simple Policy
Policy Name |
Basic Authentication: Simple |
Summary |
Allows access based on the basic authorization mechanism, with a single user-password |
Category |
Security |
First Flex Gateway version available |
v1.0.0 |
Returned Status Codes |
400 - Unauthorized or invalid client application credentials in WSDL API using SOAP 1.2 |
401 - Unauthorized or invalid client application credentials in HTTP or RAML APIs |
|
500 - Unauthorized or invalid client application credentials in WSDL API using SOAP 1.1 |
Summary
The Basic Authentication: Simple policy protects an API by forcing applications to provide a username and password when making requests.
The policy follows basic HTTP authentication standards.
When an error is encountered, the policy returns an "WWW-Authenticate" HTTP header field.
Configuring Policy Parameters
Flex Gateway Local Mode
In Flex Gateway Local Mode, you apply the Basic Authentication: Simple policy to your API via declarative configuration files. Refer to the following policy definition and table of parameters:
- policyRef:
name: http-basic-authentication-flex
config:
username: <string> // REQUIRED
password: <string> // REQUIRED
| Parameter | Required or Optional | Default Value | Description |
|---|---|---|---|
|
Required |
N/A |
A base-64 encoded string |
|
Required |
N/A |
A base-64 encoded string |
Flex Gateway Connected Mode
When you apply the Basic Authentication: Simple policy to an API, a request to that API must contain the following header:
Authorization: Basic <username:password>
The username:password value must be a base64-encoded string. For example on a Mac OS X or Linux system, the username and password requirement is implemented as:
echo -n '<Client Id>:<Client Secret>' | base64