Question
Cindy Fawcett · Apr 12, 2021

API Manager - transform header from basic auth to bearer token

I am working with InterSystems API Manager product and I'm trying to solve an authentication problem.  In our implementation, API Manager accepts basic authentication.  One of the endpoints accepts OAuth2.  The request coming into API Manager is FHIR and needs to have basic auth in the header.  The OAuth token is passed to API Manager as a parameter.  I want to send FHIR to the endpoint with a Bearer Token in the header instead of the basic auth that came into API Manager.  Has anyone used a transformation plug-in to solve a similar issue?  I'm trying to solve this problem in API Manager rather than the API endpoint.

00
3 0 4 79
Log in or sign up to continue

Replies

If I understand correctly, you want to replace an HTTP Header basic auth with a bearer token.
If the bearer token is static, you can implement a solution like this:
- https://github.com/grongierisc/iam-training/tree/training#6-third-add-ou...

If it is dynamic, I think you will have to develop your own plug-in:
- https://github.com/grongierisc/iam-training/tree/training#11-plugins

A good base to start working on could be this plugin:
- https://github.com/grongierisc/kong-plugin-jwt-crafter

Thank you!  This is helpful.  The bearer token is dynamic and I was not aware of custom plugins.

Thank you!  I was hoping to use an out-of-the-box plugin for the transformation.  I found the link you provided; however, I got stuck trying to reference a dynamic bearer token.  The bearer token will come in as a parameter, I want to set a variable to that parameter, then plug in the variable when building a new authentication section of the header.  Do you know of any examples or tutorials for variable use with a transformer plugin?