App Connect

 View Only

Modify APIKey before security identity is used

  • 1.  Modify APIKey before security identity is used

    Posted Tue August 22, 2023 09:03 AM
    Edited by Pieter van de Braak Tue August 22, 2023 09:18 AM

    We have a Rest service that uses a non standard format where the apitoken is stored in the authorization header but it prefixed and base64encoded .i.e. 

    HTTP Header
    
    Authorization : TokenName <base64encoded APIKEY>

    The easiest way would be to store the complete string of 'TokenName <base64encoded APIKEY>' in a security identity as APIKEY. then map the security identity in the Rest Request node and be done with it. However i feel that this could lead to troubles if the key were ever to change, because then you would need to do some transformations of the key before you an store it on the server again. So ideally the concat of TokenName and the base64encode are done in the flow is this possible? I was thinking of doing some sort of custom esql or custom java action, but it feels kind of clucky for something as easy as this. Is this even possible and if it is, what would be the easiest way to achieve it?

    I just came across the option to set the authentication scheme to bearer, would it be possible to set the scheme to bearer and then set the bearerFormat to TokenName ?



    ------------------------------
    Pieter van de Braak
    ------------------------------