Authenticate with Basic
APPLIES TO: All API Management tiers
Use the authentication-basic policy to authenticate with a backend service using Basic authentication. This policy effectively sets the HTTP Authorization header to the value corresponding to the credentials provided in the policy.
Note
Set a policy's elements and child elements in the order provided in the policy statement. Learn more about how to set or edit API Management policies.
Policy statement
<authentication-basic username="username" password="password" />
Attributes
| Attribute | Description | Required | Default |
|---|---|---|---|
| username | Specifies the username of the Basic credential. Policy expressions are allowed. | Yes | N/A |
| password | Specifies the password of the Basic credential. Policy expressions are allowed. | Yes | N/A |
Usage
- Policy sections: inbound
- Policy scopes: global, product, API, operation
- Gateways: classic, consumption, self-hosted, workspace
Usage notes
- This policy can only be used once in a policy section.
- We recommend using named values to provide credentials, with secrets protected in a key vault.
Example
<authentication-basic username="testuser" password="testpassword" />
Related policies
Next steps
For more information about working with policies, see:
- Tutorial: Transform and protect your API
- Policy reference for a full list of policy statements and their settings
- Policy expressions
- Set or edit policies
- Policy samples