I currently have services protected via basic auth. If I front those services with API Manager, I need to pass in the OAuth bearer token AND the basic auth token. So the curl call looks something like:
curl -v -u myusername:mypassword -H "Accept: application/xml" -H "Authorization: Bearer 7a473720764791e63fe50934f416912" http://servicehose:8280/context/param
However, I get an internal server 500 error. How to call basic auth rest service fronted by API Manager?
There's an option to call a secured service from API Manager. When creating the API you can provide the URL of the secured backend service and then apply "Secured" option for Endpoint Security Scheme field. When selecting this, you'll have to provide the credentials to access the secured service. With this, you can invoke the API, by only providing the Bearer token. API Manager will create the Basic Header when accessing the back end service.
Related
On the AWS side it needs to be orchestrated in such a way that on receiving both Access and Bearer token as comma separated it has to call the application API using the bearer token in the header. My app login works now post cognito login but signs out immediately back to the login page. Can someone please suggest .I am using JWT authorizer
I have a docker file that needs to access the GCP bucket. I do not want to authenticate GCP using SA and gcloud utility (gcloud auth activate-service-account <<gcp account>> --key-file=<<serviceaccount>>.json due to security violence.
I want to use a different authentication approach with security compliance.
Could anyone please help with the same?
You can try API authentication to access GCP bucket instead of using ‘gsutil’ and client library authentication.
To make requests using OAuth 2.0 to either the Cloud Storage XML API or JSON API, include your application's access token in the Authorization header in every request that requires authentication. You can generate an access token from the OAuth 2.0 Playground.
Authorization: Bearer OAUTH2_TOKEN
Use the list method of the Objects resource.
GET /storage/v1/b/example-bucket/o HTTP/1.1
Host: www.googleapis.com
Authorization: Bearer’ ya29.AHES…….gSwg’
To authorize requests from the command line or for testing, you can use the curl command with the following syntax:
curl -H "Authorization: Bearer OAUTH2_TOKEN "https://storage.googleapis.com/storage/v1/b/BUCKET_NAME/o"
For local testing, you can use the ‘gcloud auth application-default print-access-token’ command to generate a token.
Due to the complexity of managing and refreshing access tokens and the security risk when dealing directly with cryptographic applications, we strongly encourage you to use a verified client library.
Cloud storage authentication for additional information.
I followed the tutorial on the Google Cloud Run page and I have created a small, private Google Cloud Run API. Now I can use curl as described here to make requests to my API:
curl -H "Authorization: Bearer $(gcloud auth print-identity-token)" SERVICE_URL
So far so good. Now I would like to build a slackbot. The slackbot should respond to slashcommands and whenever a certain slashcommand is issued it should 1) authenticate itself with the API and then 2) issue a command.
Is that possible? I looked around in the entire Slack API documentation, but could not find an example in which a Slack Bot had to authenticate itself with another service. Could someone maybe point me to a guide/tutorial where the author implemented a private API in the Google Cloud that is called from a slackbot?
It's not possible. Instead of giving Slack the ability to make an authenticated request to your Cloud Run instance, configure it to allow unauthenticated access and instead validate that the event from Slack is valid by validating the token provided in the request.
This is described in Slack's Event's API documentation:
token: The shared-private callback token that authenticates this callback to the application as having come from Slack. Match this against what you were given when the subscription was created. If it does not match, do not process the event and discard it.
I'm using WSO2 6.5.0, i created proxy service which calls external REST API,
But I have to add Bearer Token to the Header,
Please refer the below question :
How to call rest service from wso2 proxy service using BEARER Token?
Since ESB is working stateless, you have to set Bearer token from the client-side and send the request to the ESB.
We have REST based web services hosted on Salesforce.com. We are able to access the web services by using workbench REST explorer but we can't access the web service directly in browser and getting error "INVALID_SESSION_ID". Please provide any pointers to access this service directly in browser. We have Saleforce user id , password and Security Token. We are passing security token in the header to access the service directly in the browser but getting "INVALID_SESSION_ID".
-H "Authorization: Bearer XXXXXXXXXX" where XXXXXXXXX is the security token.
Thanks in advance.
Regards,
Parveen
Actually you need to use oauth Access token in the header rather than security token. So create a app on salesforce and enable oauth on that app. Now you need to get access token for your salesforce account. After that pass this access token in the header (like you are passing security token).
This will work as i have used this.