Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions
Custom Alert Banner

F5 AppWorld 2024 session proposal deadline extended to Friday, December 8th!

HTTP auth - Calling external API with parameters

Go to solution
ktm_2000
Altostratus
Altostratus

‎01-Nov-2023 14:06

Folks I am relatively new to F5 and am trying to do a custom auth by passing paramaters to an API and getting a response.

The api is expecting me to call     url\param1\param2\param3

Upon success it currently returns true

I've tested HTTP auth by setting up an AAA server and tried basic auth and I can build a statement with the required parameters and get it sent to the API and the API is successfully evaluating the conditions as expected.   If the API replys with true on success or with false for failure the F5 is considering either condition a success.

my issue is that in forms or custom post,  you can define what the success criteria is and in basic that option is not available.     I can have the developer code whatever is needed for a successful response but am struggling to find out what the F5 is looking for to determine a successfull response.

 

I have found the following and it seems that it is looking for a "200" as success

 https://stackoverflow.com/questions/32671292/determine-whether-a-basic-authentication-login-was-succ...

 

Can anyone confirm that the F5 is indeed looking for a "200" response?

thanks in advance!!!!

Labels:
0 Kudos
1 ACCEPTED SOLUTION

Go to solution
Niels_van_Sluis
MVP
MVP

‎01-Nov-2023 22:58 - edited ‎01-Nov-2023 22:59

When using Basic authentication a status code of 200 means that all is okay and no authentication is needed or that authentication already was successful. The server should respond with a status code of 401, until the client has been successfully authenticated. The picture below shows how it should work.

1F2E2578-3C7F-4B0C-8D47-81E6DF493726.png

 

View solution in original post

0 Kudos
2 REPLIES 2

Go to solution
Niels_van_Sluis
MVP
MVP

‎01-Nov-2023 22:58 - edited ‎01-Nov-2023 22:59

When using Basic authentication a status code of 200 means that all is okay and no authentication is needed or that authentication already was successful. The server should respond with a status code of 401, until the client has been successfully authenticated. The picture below shows how it should work.

1F2E2578-3C7F-4B0C-8D47-81E6DF493726.png

 

0 Kudos

Go to solution
ktm_2000
Altostratus
Altostratus

‎02-Nov-2023 07:06

Thank you,   We had it coded to reply http 200 for both and had text to differentiate between valid or not.   I had the developer throw http 401 - unauthorized for false and redeployed.

All is working well.    Thank you for your insight!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

0 Kudos
Copyright © 2023 Khoros, LLC