IBM Security Verify

 View Only
Expand all | Collapse all

Use IAG to inject content into the REQUEST body

  • 1.  Use IAG to inject content into the REQUEST body

    Posted Fri October 15, 2021 03:00 PM
    Overview
    We have an internal resource that uses an outdated method for authentication, which involves including the username/password into the body of the request as part of a JSON string. I want to replace that, having IAG inject the credentials into the body of the request before forwarding the request to the backend web service. The idea is that the requestor never needs to know the credentials because IAG will automatically inject them into the request.

    Question(s)
    1. Is it possible to have IAG manipulate the body of the incoming request?
    2. Can we get IAG to read the body of the incoming request?
    3. If not with IAG, how else could we accomplish what we're trying to do vis-a-vis injecting the credentials?


    ------------------------------
    Timothy
    ------------------------------


  • 2.  RE: Use IAG to inject content into the REQUEST body
    Best Answer

    Posted Fri October 15, 2021 04:48 PM
    Timothy,
     
    Unfortunately it is not possible to get IAG to manipulate the body of incoming HTTP requests.  I personally can't think of any way to achieve this.
     
    Thanks.
     
     
    Scott A. Exton
    Senior Software Engineer
    Chief Programmer - IBM Security Verify Access

    IBM Master Inventor