Hello,
When I create a client application in Webmethods.io API Gateway I can define only OAuth2, JWT or OpenID as an authentication strategy, is there a way to use basic Auth?
Regards
Anass
Hello,
When I create a client application in Webmethods.io API Gateway I can define only OAuth2, JWT or OpenID as an authentication strategy, is there a way to use basic Auth?
Regards
Anass
The solution I found is adding an Authorization Basic string in Http headers manually, the string is username:password encoded in base64. And also activating HTTP Headers Identification type in API scope.
I am really sorry but this should not be done for basic authentication. But instead it should be done using Identification type as Basic Authentication and application identifier as Username.
@srikanth.prathipati1803 Sorry, but here we are talking about platform users not applications, I will not make a client as a platform user just to invoke the API. I think the application authentication strategy is clear as we do for OAuth2 for example, the client has his identifiers, but he doesn’t need to be a user in the platform but he’s just related to the application.
I agree with your aproch but in case the client is a platform user, I see that it’s not something secure that’s why we use applications.
For that OAuth2 Token should be used but header should not be configured as below.