Contact Us 1-800-596-4880

Basic Authentication: Simple Policy

Policy Name

Basic Authentication: Simple

Summary

Allows access based on the basic authorization mechanism, with a single user-password

Category

Security

First Flex Gateway version available

v1.0.0

Returned Status Codes

400 - Unauthorized or invalid client application credentials in WSDL API using SOAP 1.2

401 - Unauthorized or invalid client application credentials in HTTP or RAML APIs

500 - Unauthorized or invalid client application credentials in WSDL API using SOAP 1.1

Summary

The Basic Authentication: Simple policy protects an API by forcing applications to provide a username and password when making requests.

When an error is encountered, the policy returns an "WWW-Authenticate" HTTP header field.

Configuring Policy Parameters

Flex Gateway Local Mode

In Flex Gateway Local Mode, you apply the Basic Authentication: Simple policy to your API via declarative configuration files. Refer to the following policy definition and table of parameters:

- policyRef:
    name: http-basic-authentication-flex
  config:
    username: <string> // REQUIRED
    password: <string> // REQUIRED
Parameter Required or Optional Default Value Description

username

Required

N/A

A base-64 encoded string

password

Required

N/A

A base-64 encoded string

Resource Configuration Example

- policyRef:
    name: http-basic-authentication-flex
  config:
    username: chris
    password: admin

Flex Gateway Connected Mode

When you apply the Basic Authentication: Simple policy to an API, a request to that API must contain the following header:

Authorization: Basic <username:password>

The username:password value must be a base64-encoded string. For example on a Mac OS X or Linux system, the username and password requirement is implemented as:

echo -n '<Client Id>:<Client Secret>' | base64