OutSystems Platform allows you to add basic authentication to requests made to your REST APIs.
Typically, the steps to implement basic authentication in a REST API are the following:
To register a user credentials, you should go to your user management application. Read more About End-user Management.
We have an application to manage contacts. It has the 'Contacts' REST API with method 'GetContacts'. This REST API doesn't have any authentication yet. In this example, we will add basic authentication to it.
This example is a continuation of another one in a previous topic. To see how to create the REST API service and method, please read Expose Data using REST.
We've got to set the authentication mode for the REST API:
OutSystems Platform creates the OnAuthentication action to handle basic authentication with:
All methods of the 'Contacts' REST API will now require basic authentication.
After deploying to our environment in the public cloud, we test the method with a curl command:
The result is:
We need to authenticate, so we add the credentials to the request:
curl --user mike.fitt:123456 https://osacademy.outsystemscloud.com/ContactsAPI/rest/Contacts/GetContacts
The result is:
We have to go to the user management console to register the user credentials: mike.fitt/1234565.
Now, when we run the curl with the credentials, it works and returns the following result:
Roles allow you to select which API resources a user has access to. This means that after a user has authenticated, you can still decide if that user has the privileges to use a REST API or a method. Learn more about roles.
Add Custom Authentication | Expose Data using REST