Share via

How to set-up APIM Backend Authorization credentials Basic Authentication headers

Lorenzo Righini 0 Reputation points
2024-09-13T08:28:49.95+00:00

I have an Azure API Management service for which I have defined a Backend.

The Backend is a SOAP API that supports Basic authentication.

I have secured the Username and Password of the user for the Basic authentication in a Key Vault resource.

I am able to successfully invoke the Backend API using Basic authentication if I set the <authentication-basic username="username" password="password" /> policy within the policies section of my API definition.

But instead of doing this, I would prefer to specify the Basic authentication credentials in the Backend definition itself.

User's image

However, I'm not able to make it work.

As shown in the above screenshot, I have referenced the Username and Password secrets in the Key Vault, but I'm not sure how to use them there.

Like, what value should the "Parameter" field assume for the Basic authentication to work?

I tried to put base64(Username:Password) in there, but the Backend API is not receiving any Authentication header.

Azure API Management
Azure API Management
An Azure service that provides a hybrid, multi-cloud management platform for APIs.
2,166 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. LeelaRajeshSayana-MSFT 15,886 Reputation points Microsoft Employee
    2024-09-16T22:43:42.5+00:00

    Hi @Lorenzo Righini Greetings! Welcome to Microsoft Q&A forum. Thank you for posting this question here.

    You would need to use the authentication-basic policy to authenticate with a backend service using Basic authentication. This policy effectively sets the HTTP Authorization header to the value corresponding to the credentials provided in the policy

    Here is a sample policy you can add to the inbound section of the policies to add the authentication header.

    <authentication-basic username="username" password="password" />

    Please refer the document Set or edit Azure API Management policies to get more information on how to set p this policy.

    Hope this helps! If you need any additional assistance, please let us know and we would be happy to help you.

    If the response helped, please do click Accept Answer and Yes for the answer provided. Doing so would help other community members with similar issue identify the solution. I highly appreciate your contribution to the community.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.