How can we improve Azure API Management?

Support Basic Authentication in Front-end API

We are currently consuming our APIs via various clients, including Microsoft Excel and various integration tools. These tools do NOT support the current front-end API authentication methods.
One solution is to enable Basic Auth support in the front-end API.
The existing username and subscription key could be used as the credentials, but the API Management would accept them in the standard base64-encoded Authorization header.

25 votes
Jim R shared this idea

3 comments

  • Nishan commented

    Try this

    <policies>
      <inbound>
        <!-- Build the expected header value from the {{username}} and {{password}} named values. -->
        <set-variable name="AuthValue" value="@("Basic " + Convert.ToBase64String(System.Text.ASCIIEncoding.ASCII.GetBytes(string.Format("{0}:{1}", "{{username}}", "{{password}}"))))" />
        <!-- Debug aid: this writes the expected credential to the trace output; remove it once the policy works. -->
        <trace source="arbitrary string literal">@(context.Variables.GetValueOrDefault<string>("AuthValue"))</trace>
        <!-- Return 401 unless the Authorization header matches the expected value exactly. -->
        <check-header name="Authorization" failed-check-httpcode="401" failed-check-error-message="Not authorized" ignore-case="false">
          <value>@(context.Variables.GetValueOrDefault<string>("AuthValue"))</value>
        </check-header>
        <base />
      </inbound>
      <backend>
        <base />
      </backend>
      <outbound>
        <base />
      </outbound>
      <on-error>
        <base />
      </on-error>
    </policies>

  • Jim R commented

    Thanks for the response. I can see how you could implement this by hard-coding credentials into a Named Value; however, I would like to use the Product & Subscription capability of API Management.
    What I think I am looking for is for API Management to do the standard subscription "authentication" based on the Subscription Key provided in the request, but that the WAY the subscription key is provided is using the Basic Auth method (Authorization header containing username & subscription key) instead of the current method (Ocp-Apim-Subscription-Key header containing subscription key).
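
The header mapping described in the comment above, as an added example that is not part of the thread and not an API Management feature: it parses a Basic Authorization value and moves the password part into the Ocp-Apim-Subscription-Key header. The function names, the sample credentials, and the assumption that this runs in a translation step in front of the gateway are all hypothetical.

```python
import base64

SUBSCRIPTION_HEADER = "Ocp-Apim-Subscription-Key"  # header named in the thread


class BadBasicAuth(ValueError):
    """Raised when the Authorization header is not a usable Basic credential."""


def parse_basic(header_value):
    """Return (username, password) from an 'Authorization: Basic ...' value."""
    scheme, _, token = header_value.strip().partition(" ")
    if scheme.lower() != "basic" or not token.strip():
        raise BadBasicAuth("not a Basic Authorization header")
    try:
        # validate=True rejects characters outside the base64 alphabet.
        decoded = base64.b64decode(token.strip(), validate=True).decode("utf-8")
    except ValueError as exc:  # covers binascii.Error and UnicodeDecodeError
        raise BadBasicAuth("credentials are not valid base64/UTF-8") from exc
    # Split on the FIRST colon only; the password part may itself contain ':'.
    username, sep, password = decoded.partition(":")
    if not sep or not password:
        raise BadBasicAuth("missing ':' separator or empty password")
    return username, password


def to_subscription_headers(headers):
    """Copy headers, moving the Basic password into the subscription-key header."""
    auth = next((v for k, v in headers.items() if k.lower() == "authorization"), None)
    if auth is None:
        raise BadBasicAuth("no Authorization header")
    _username, key = parse_basic(auth)
    # Drop Authorization and any client-supplied subscription header so only
    # one copy of the key is forwarded and it is the one that was parsed.
    drop = ("authorization", SUBSCRIPTION_HEADER.lower())
    out = {k: v for k, v in headers.items() if k.lower() not in drop}
    out[SUBSCRIPTION_HEADER] = key
    return out


# Constructed sample: user "jim" with a made-up key that contains a colon.
SAMPLE_HEADERS = {
    "Authorization": "Basic " + base64.b64encode(b"jim:0123abcd:ef").decode(),
    "Accept": "application/json",
}

if __name__ == "__main__":
    print(to_subscription_headers(SAMPLE_HEADERS))
```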
