The Identity Provider specifies the user pool to be given to clients. These default Identity Providers are used when creating the Authentication Policy.


The picture below shows the Request Preparation settings for API Authentication:


The fields used in the Request tab configuration are shown in the table below.

| Field | Description |
| --- | --- |
| Name | The API Identity Provider name for the generated Identity Provider. |
| Description | A description can be written to facilitate the management of the created API Identity Provider. |
| Method | The HTTP method of the API address that will authenticate is selected. Default Value: GET. |
| URL | The address of the API that will authenticate is entered. |
| Timeout | The time, given in seconds, to wait for a connection to the server. If there is no connection during this time, an error is given and the connection is terminated. Default Value: 10 seconds. |
| Use Message Template | It is activated if a message template is to be used for the API. |
| Template Content Type | The type of message template content is selected. Options: XML, JSON. Default Value: JSON. |
| Message Template | The message template is entered according to the selected message template type. |
| Take Username | It is activated if the username is to be taken. |
| Take Username From | The place where the username will be taken from is selected. Options: Incoming Request Message, Response of API Authentication. Default Value: Incoming Request Message. |
| Username Variable | A variable must be selected to access the username value. |

Request Data Manipulation


You can move the desired parts of the incoming request into the request message sent to the API that will authenticate. The Source Variable specifies which part of the incoming message will be received, and the Destination Variable specifies where this information will be placed in the message to be sent to the API.

The picture below shows the Assertions settings to validate API Authentication Response:

The fields used in the Assertions tab configuration are shown in the table below.

| Field | Description |
| --- | --- |
| Assertions | |
| Assert Result Status Code | It is selected when a specific status code is to be used for confirmation. |
| Expected Status Code | The status code that is expected to be returned by the API is entered. |
| Assert Result Body | It is selected when a certain body is expected to return for confirmation. |
| Expected Result Body | Enter the text that the response messages returned by the API are expected to contain. |
| Assert Result XPath | It is selected when a certain value is expected for a certain field of the incoming XML message for confirmation. |
| XPath Expression | Enter the XPath pointing to the part where the expected value is found. |
| Expected Result Body | The expected value is entered. |
| Assert Result JsonPath | It is selected when a certain value is expected for a certain field of the incoming JSON message for confirmation. |
| | Enter the JsonPath pointing to the part where the expected value is found. |
| Expected Xml Result | The expected value is entered. |
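The assertion types above differ in how precisely they pin down a successful login. The sketch below is an added illustration, not the product's own code: the function names, the minimal dotted-path resolver standing in for JsonPath, and the two sample responses are assumptions constructed for this example. It shows a backend that answers 200 for both outcomes, where a status-code or body-contains assertion accepts a rejected login and only the field-level assertion does not.

```python
import json

# Constructed sample responses from a hypothetical authentication API that
# returns HTTP 200 for both outcomes and reports the result in the body.
OK_BODY = '{"result": {"status": "success", "user": "alice"}}'
DENIED_BODY = '{"result": {"status": "failed", "message": "no success for user alice"}}'

def json_path(doc, path):
    """Resolve a minimal '$.a.b' path (dotted object keys only); None if absent."""
    node = doc
    for key in path.lstrip("$.").split("."):
        if not isinstance(node, dict) or key not in node:
            return None
        node = node[key]
    return node

def evaluate(status, body, expected_status=None, expected_text=None,
             json_path_expr=None, expected_value=None):
    """Return True only if every configured assertion holds (fail closed)."""
    if expected_status is not None and status != expected_status:
        return False
    # Body assertion: the response only has to *contain* the expected text.
    if expected_text is not None and expected_text not in body:
        return False
    # JsonPath assertion: one named field must equal the expected value.
    if json_path_expr is not None:
        try:
            doc = json.loads(body)
        except ValueError:
            return False  # unparseable response is treated as a failed login
        if json_path(doc, json_path_expr) != expected_value:
            return False
    return True

def compare(body):
    """Run the three assertion styles against one response body."""
    return {
        "status_only": evaluate(200, body, expected_status=200),
        "body_contains": evaluate(200, body, expected_text="success"),
        "json_path": evaluate(200, body, json_path_expr="$.result.status",
                              expected_value="success"),
    }

if __name__ == "__main__":
    print("accepted:", compare(OK_BODY))
    print("denied:  ", compare(DENIED_BODY))
```

When the authenticating API signals failure in the body rather than the status code, combine the status-code assertion with an XPath or JsonPath assertion on the result field instead of relying on a contained text.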

The picture below shows the Response Common settings:

The fields used in the Response Common tab configuration are shown in the table below.

| Field | Description |
| --- | --- |
| Response Common | |
| Use Response Status Code of API in case of Failed Result | When a message is received that the confirmation part will consider unsuccessful, the HTTP status code is returned as an answer. |
| Use Response Message of API in case of Failed Result | When there is a message that the confirmation part will consider unsuccessful, the Token returns an error message as a response. |

The picture below shows the Response for Proxy settings:

The fields used in the Response for Proxy tab configuration are shown in the table below.

| Field | Description |
| --- | --- |
| Response for Proxy | |
| | It is the variable used to express where any value from the message content should be taken from in the message. For variable usage, you can visit the Variables page. |
| Target Value/Variable | It is the variable used to express where any value taken from the message content that will return in the response message should be placed in the message. For variable usage, you can visit the Variables page. |

 


The picture below shows the Response for Token settings:

The fields used in the Response for Token tab configuration are shown in the table below.

| Field | Description |
| --- | --- |
| Response for Token | |
| Insert Response Of API To Token Response | If selected, the response from the API will be the Token response. |
| | It is the variable used to express from where in the message any value from the message content to be returned in the response message will be taken. For variable usage, you can visit the Variables page. |
| Claim Name | The piece taken from the message content is added to the JWT Token with the name given here. |

The picture below shows the Response for Roles settings:

The fields used in the Response for Roles tab configuration are shown in the table below.

| Field | Description |
| --- | --- |
| Response for Roles | |
| | Activated if you want to retrieve the roles of the authenticated user from the response returned by the API. |
| Response Contains Roles | It is the variable used to express which value that comes in the message content contains the roles. For variable usage, you can visit the Variables page. |