The numbering in the diagram below corresponds to the order of operations.
  • The Security Manager in Apinizer requests Plain-Text type authentication information from the API Client.
  • The authentication information is sent to LDAP to be checked.
  • LDAP returns a response to Apinizer about the authentication information. If the authentication is correct, the flow continues.
  • Apinizer makes a request to the Backend API.
  • The Backend API responds to Apinizer.
  • Apinizer responds to the API Client.
Scenario Diagram

Creating API Proxy

The REST API named Swagger Petstore can be accessed at https://petstore.swagger.io/. Click the API Proxies option under the Development menu.
Since no proxy has been defined yet, the opened page shows the text No records found!
Click the Create button in the top right corner to start creating a new proxy.
In this section, select the type of the API Proxy to be created. Since the API used in this scenario is Swagger 2.X, this type is selected. Click the Enter URL option to switch to the screen where the address of the API is entered.
Enter the address to be accessed in the URL section and click the Parse button.
After the Parse operation is performed, the settings for the API Proxy can be made.
  • The Usage field specifies who will use the created API Proxy. Options such as publisher, consumer, publisher and consumer are available here.
  • The Sharing Type field specifies the sharing type of the created API Proxy. Options such as external, internal, external and internal are available here.
  • One or both of the two API addresses under the Addresses tab can be selected. If both addresses are selected, Apinizer will perform the Load Balance operation itself.
  • Relative Path is the address where the created API Proxy will be opened for access.
  • The Category List field also allows categorization of the created API Proxy.
After these settings are made, the API Proxy is saved. After the save operation, click the Develop tab on the opened page.
Policies added through the All option above the endpoints are applied to all endpoints.
The created API proxy is then deployed. To do this, click the Deploy button in the middle section above.

Establishing LDAP/Active Directory Connection

Click the LDAP/Active Directory menu under the Connection Management menu.
Since no LDAP/Active Directory connection has been defined yet, this page shows the text There is no LDAP/Active Directory.
Click the Create button in the top right corner to create the LDAP/Active Directory connection. The fields on this screen:
  • The Name field is the name of the connection to be created.
  • The Server Address field is the address of the LDAP/Active Directory server to connect to.
  • The Description field can be used to add a description to the connection.
  • The Certificate Status field is used to select, or create, the certificate required for the LDAP connection.
  • The Username field is the username used when connecting, and the Password field is the password used when connecting.
  • The Base DN field is the base DN of the LDAP server to connect to.
Click the Test Connection button to test the connection, and click the Save and Deploy button to save it. After the save operation is completed, the created connection is displayed as in the image below.

Creating Authentication Policy

Go to the page where API proxies are listed and select the proxy named Swagger Petstore. Go to the Develop tab and click the Add Policy button. On the opened page, select the Plain-Text Authentication policy. The fields on this screen:
  • The value to select in the Identity/Role/Group Service field is LDAP, because the authentication check will be performed by the structure in LDAP/Active Directory.
  • When the LDAP value is selected, the previously created LDAP connection must be selected.
  • The Variable for username and Variable for password fields select the variables from which the username and password are read. In this scenario, these values are read from the header.
  • If the Clear Authentication Information option is selected, the authentication information in the incoming message is deleted. Activating this setting is always recommended unless there is a special situation.
  • The Add Client Info To Header option specifies whether client information is included in the header sent to the backend API.
  • If this option is active, another parameter named Authenticated User Header Name appears.
  • The X-Authenticated-UserId value here is the name of the header that carries the client information to the backend API.
The changes are saved by clicking the Save button in the top right corner.
The relevant icon is seen when the policy is registered.
For the change to take effect, the proxy must be redeployed. The methods in the proxy can now be tested.

Testing the API Proxy

After selecting the “/pet/” endpoint, click the Test Endpoint button. Enter the desired petId value as “2” in the URL. When the Send button is pressed, the returned response is an error message.
This error comes from the applied Plain-Text Authentication policy, because no authentication information has been placed in the header.
Enter the username and password in the header and repeat the test. Enter the values username = user.9 and password = Apinizer.1 in the headers to be sent to the Backend API. When the Send button is clicked, a successful response is received.
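
The two test results above, and the effect of the Clear Authentication Information and Add Client Info To Header options, can be reproduced with a small model of the policy. This is an added example, not Apinizer code: the function names, the 401 status, the in-memory directory that stands in for LDAP, and the removal of a client-supplied X-Authenticated-UserId header are assumptions of the model.

```python
# Simplified model of the Plain-Text Authentication policy (added example,
# not Apinizer code). Names, the 401 status and the directory are assumptions.
import hmac

# Constructed stand-in for LDAP/Active Directory, using the test values from the page.
DIRECTORY = {"user.9": "Apinizer.1"}

def directory_check(username, password):
    """Stand-in for the LDAP credential check; compares in constant time."""
    expected = DIRECTORY.get(username)
    return expected is not None and hmac.compare_digest(
        expected.encode(), password.encode())

def apply_policy(headers, user_var="username", pass_var="password",
                 clear_auth_info=True, add_client_info=True,
                 user_header="X-Authenticated-UserId", check=directory_check):
    """Return (status, headers_for_backend); header names are case-insensitive."""
    inbound = {k.lower(): v for k, v in headers.items()}
    username = inbound.get(user_var.lower())
    password = inbound.get(pass_var.lower())
    # Missing or empty credentials are rejected before the directory is asked.
    if not username or not password or not check(username, password):
        return 401, None  # the request never reaches the backend
    outbound = dict(inbound)
    # Assumption of this model: an identity header sent by the client is
    # dropped, so only the gateway can set it.
    outbound.pop(user_header.lower(), None)
    if clear_auth_info:   # "Clear Authentication Information"
        outbound.pop(user_var.lower(), None)
        outbound.pop(pass_var.lower(), None)
    if add_client_info:   # "Add Client Info To Header"
        outbound[user_header.lower()] = username
    return 200, outbound

if __name__ == "__main__":
    # First test on the page: no credentials in the header.
    print(apply_policy({"Accept": "application/json"}))
    # Second test: valid credentials; the backend sees the user id, not the password.
    print(apply_policy({"username": "user.9", "password": "Apinizer.1",
                        "X-Authenticated-UserId": "someone-else"}))
```

With clear_auth_info=False the password header is forwarded to the backend unchanged, which is the exposure the Clear Authentication Information recommendation avoids.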