Rediger

Del via


Authenticate with Basic

APPLIES TO: All API Management tiers

Use the authentication-basic policy to authenticate with a backend service using Basic authentication. This policy effectively sets the HTTP Authorization header to the value corresponding to the credentials provided in the policy.

Caution

Minimize risks of credential exposure when configuring this policy. Microsoft recommends that you use more secure authentication methods if supported by your backend, such as managed identity authentication or credential manager. If you configure sensitive information in policy definitions, we recommend using named values and storing secrets in Azure Key Vault.

Note

Set the policy's elements and child elements in the order provided in the policy statement. Learn more about how to set or edit API Management policies.

Policy statement

<authentication-basic username="username" password="password" />

Attributes

Attribute Description Required Default
username Specifies the username of the Basic credential. Policy expressions are allowed. Yes N/A
password Specifies the password of the Basic credential. Policy expressions are allowed. Yes N/A

Usage

Usage notes

  • This policy can only be used once in a policy section.
  • We recommend using named values to provide credentials, with secrets protected in a key vault.

Example

<authentication-basic username="testuser" password="testpassword" />

For more information about working with policies, see: