Basic Authorization

Description

The Basic Authorization policy follows the RFC-7617 standard. From the standard, if a user agent wanted to send the user-id “Aladdin” and password “open sesame”, it would use the following HTTP header.

Example: Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==

Usage

In order to use the Basic Authorization policy, consumers must be created and basic-auth credentials created for them.

To create consumers (users and apps): use the CLI and create user or create app command.

To create a basic-auth credential for an app or user: use the CLI and create credential command with type basic-auth.

To enable the Basic Authorization policy, add basic-auth in gateway.config.yml in the policies section.

policies:
  - basic-auth
  # other policies

Example


pipelines:
 pipeline1:
  apiEndpoints:
    - authorizedEndpoint
  policies:
    -
      basic-auth:
    -
      proxy:
        action:
          serviceEndpoint: backend