how to add both basic and Oauth 2.0 Authentication for an Api ?

I have a Requirement like

Depending upon some condition either basic or Oauth 2.0 should select to Authorize the Request. How to implement this in OnAuthentication Action.


Regards

Santhu


Are you wanting to expose an API and use oAuth to secure it or consume an API that uses oAuth?  What have you done so far?

Stacey Levine wrote:

Are you wanting to expose an API and use oAuth to secure it or consume an API that uses oAuth?  What have you done so far?

Hello Stacey Levine

I have Exposed an API  for that, I need to perform both basic and Oauth 2.0 

thanks 

Santhu


Hi Samu,

I guess if you have to manage multiple API's OutSystems or not in a central place, you should probably choose a 3rd party provider.

If your API's are just OutSystems I would give a shot to this component oAuth2 Provider and see if it works for you.

Either way, how are you going to determine which authentication to use on each request?

Cheers

Rui Barbosa wrote:

Hi Samu,

I guess if you have to manage multiple API's OutSystems or not in a central place, you should probably choose a 3rd party provider.

If your API's are just OutSystems I would give a shot to this component oAuth2 Provider and see if it works for you.

Either way, how are you going to determine which authentication to use on each request?

Cheers

Hello Rui Barbosa


We are not checking on  Each Request, I have created the site property if that site property is true we need to perform the oauth2.0 otherwise need to perform the Basic Authorization.

Thanks

Santhu

Hi Santhu,

When we need to expose API's that need to be oAuth2 protected we are placing API Management from Azure in front of our API's. As OutSystems doesn't support this natively and we don't want to build an authentication provider ourselves this is good enough solution for us. I can only hope that OS 12 will support oAuth native as it's the de facto authentication standard on the web.

Should you however build your own implementation of oAuth2 then you can create an "On Authentication" action by setting the Authentication to "Custom" on the Exposing REST API. In here you can create your authentication flow and decide if you want to give access or not.