Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Read only

SAP API Management - Set Basic Authentication for API Proxy in Integration Suite

Karthik_ramadurai
Explorer

‎2024 Dec 07 4:03 PM - edited ‎2024 Dec 07 4:18 PM

5,928

Dear All,

In SAP Integration Suite, Basic Authentication offers a simple way to safeguard your API proxies using a username and password. This blog covers how to configure Basic Authentication for your API proxy in API Management.

Follow the Below Steps to Set Basic Authentication to your API Proxy.

Step 1 : Create a Proxy with your target endpoint (For test purpose i used httpbin URL)

https://httpbin.org/get

 

Karthik_ramadurai_0-1733582359836.png

 



Step 2 : Go to Policies and Assign Basic Authentication in PreFlow Incoming request Stream

 

Karthik_ramadurai_1-1733582978698.png

 Provide the below code in the policy editor:

 

<BasicAuthentication async='true' continueOnError='false' enabled='true' xmlns='http://www.sap.com/apimgmt'>
	<Operation>Decode</Operation>
	<IgnoreUnresolvedVariables>true</IgnoreUnresolvedVariables>
	<User ref='current.username'></User>
	<Password ref='current.password'></Password>
	<Source>request.header.Authorization</Source>
</BasicAuthentication>

 

 

Step 3 : Add Raise Fault Policy in PreFlow Incoming Stream (Next to the Basic Authentication Policy)

Karthik_ramadurai_2-1733584889014.png

 

Karthik_ramadurai_3-1733585027869.png

 

<RaiseFault async="true" continueOnError="false" enabled="true" xmlns="http://www.sap.com/apimgmt">
    <FaultResponse>
        <Set>
            <Headers/>
            <Payload contentType="application/json">{"status" : "Error", "messege" : "401 Unauthorized" } </Payload>
            <StatusCode>401</StatusCode>
            <ReasonPhrase>Unauthorized</ReasonPhrase>
        </Set>
    </FaultResponse>
    <IgnoreUnresolvedVariables>true</IgnoreUnresolvedVariables>
</RaiseFault>

 

In RaiseFault Policy ConditionString Provide below Code (Replace "YOUR_USERNAME" & "YOUR_PASSWORD" with your credentials)

 

(current.username != "YOUR_USERNAME")  OR (current.password != "YOUR_PASSWORD")

 

Karthik_ramadurai_4-1733586105156.png

Save and Deploy.

Testing : 

To Test the Basic Authentication Try a GET Call for Your API Proxy in PostMan:

Positive Testing : 

Provide the exact Username and Password given in the Condition String :

Karthik_ramadurai_5-1733586720628.png


Negative Testing : 

Provide an incorrect username and password to verify if access is correctly denied.

Incorrect Username :

Karthik_ramadurai_6-1733586936015.png

Incorrect Password :

Karthik_ramadurai_7-1733587025412.png

Thank You!

Know the answer?

Help others by sharing your knowledge.

Answer

Need more details?

Request clarification before answering.

Show replies
Show replies
Prasannavengatesh
Explorer
‎2025 Jan 28 12:10 PM
Thank you for sharing your insights on this topic.
TimonGartung
Discoverer
‎2025 Oct 16 9:41 AM
0 Likes

Nice Blog. It helped a lot to understand how to set up Basic Auth.

Is it possible to fetch the credentials from the Security Materials? I don't like the fact, that the username and password is hardcoded in the policies.

Rutik_Darekar_01
Discoverer
‎2026 Mar 15 1:35 PM
0 Likes
Great blog! In the policy, I can see that the credentials are hardcoded. Is there a way to implement this without hardcoding them?

Accepted Solutions (0)

Answers (0)

Ask a Question