Basic Authentication – Client ID enforcement
Basic authentication – Client ID enforcement is simple and most widely used authentication mechanism in HTTP based services or APIs. The client sends HTTP requests with the Authorization HTTP header that contains the word Basic word followed by a space and a base64-encoded string username:password .
For example, to authorize as username/password the client would send below HTTP header
Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ=
MuleSoft already provide OOTB Basic Authorization policy in API Manager which can be assigned to any mulesoft API to secure its endpoint
To Start with we first create a sample project in Design Center
Project – basic-auth-sample
RAML
#%RAML 1.0
title: basic-auth-sample
version: 1.0.0
securitySchemes:
basic:
description: |
This API supports Basic Authentication.
type: Basic Authentication
/booking:
get:
securedBy: [basic]
description: retrieve route list
queryParameters:
destination:
type: string
required: false
responses:
200:
body:
application/json:
Design Center
Now publish it to Exchange and API Manager
Exchange –
Provide the asset version
Exchange asset will be created
Now create an API Manager configuration
This will create the API Manager configuration for basic-auth-sample
Click Policies -> Apply New Policy -> Client ID enforcement
Select Basic Authentication Header policy and apply
Now create mule application in Anypoint Studio
Add API Auto Discovery configuration – more on API Auto Discovery
Deploy the project on Cloudhub
API Manager Configuration should now come as active
Now if we test our API it will through 401 Unauthorized error
To call this service successfully we have to create Client application in Exchange and request for access
Create and assign the Application name
Client ID and Secret will be generated
Now we will use this Client ID as username and Client Secret as password while calling the API
Now we can see the 200 success response
Also if we look raw request then we can see Authorization header is also passed for basic authorization, this is done by SOAP UI internally for us.
Design Center project – basic-auth-sample
Sample mule application – basic-auth-sample
Sample SOAP UI project – basic-auth-sample-soapui-project
on an onprem installation, what are the files under policies folder, and how the process use them?
exemple : policies]$ ls -lrt client-id-enforcement*
-rw-rw-r–. 1 mcdev10 mule 1617 Apr 6 2022 client-id-enforcement-294466.xml
-rw-rw-r–. 1 mcdev10 mule 1626 Apr 6 2022 client-id-enforcement-294504.xml
-rw-rw-r–. 1 mcdev10 mule 1614 Apr 6 2022 client-id-enforcement-246209.xml
-rw-rw-r–. 1 mcdev10 mule 1620 Apr 6 2022 client-id-enforcement-294425.xml
-rw-rw-r–. 1 mcdev10 mule 1611 Apr 6 2022 client-id-enforcement-294427.xml
-rw-rw-r–. 1 mcdev10 mule 1612 Apr 6 2022 client-id-enforcement-294440.xml
-rw-rw-r–. 1 mcdev10 mule 1614 Apr 6 2022 client-id-enforcement-294481.xml
-rw-rw-r–. 1 mcdev10 mule 1619 Apr 6 2022 client-id-enforcement-294456.xml
hi bro
please check ss of https://mulesy.com/basic-authentication-client-id-enforcement/
it mistakenly has ss of basic auth
thanks
Lokesh
Is basic auth and client id enforcement same?
In client id enforcement policy you get the option of passing the credentials i.e. client id/secret in basic auth way or as http headers. But both are not same to answer your question.