Microgateway 10.5 | webMethods Microgateway Help | Policies | Routing | Outbound Authentication - Transport
 
Outbound Authentication - Transport
When the native API is protected and expects the authentication credentials to be passed through transport headers, you can use this policy to provide the credentials that will be added to the request and sent to the native API. Microgateway supports a wide range of authentication schemes, such as Basic Authentication, OAuth, and JWT at the transport-level.
Note:
Transport-level authentication can be used to secure the REST APIs.
The table lists the properties that are supported for this policy in Microgateway:
Parameter
Description
Authentication scheme
Specifies one of the following schemes for outbound authentication at the transport level:
*Basic. Uses basic HTTP authentication details to authenticate the client.
*OAuth2. Uses OAuth token details to authenticate the client.
*JWT. Uses JSON web token details to authenticate the client.
*Anonymous. Authenticates the client without any credentials.
*Alias. Uses the configured alias name for authentication.
Authenticate using
Specifies one of the following modes to authenticate the client:
*Custom credentials. Uses the values specified in the policy to obtain the required token to access the native API.
*Delegate incoming credentials. Uses the values specified in the policy by the API providers to select whether to delegate the incoming token or act as a normal client.
*Incoming HTTP Basic Auth credentials. Uses the incoming user credentials to retrieve the authentication token to access the native API.
*Incoming OAuth token. Uses the incoming OAuth2 token to access the native API.
*Incoming JWT. Uses the incoming JSON Web Token (JWT) to access the native API.
Basic
Uses the HTTP authentication details to authenticate the client.
Microgateway supports the following modes of HTTP authentication:
*Custom credentials
*Incoming HTTP Basic Auth credentials
Provide the following credentials:
*User Name. Specifies the user name.
*Password. Specifies the password of the user.
*Domain Name. Specifies the domain in which the user resides.
OAuth2
Uses the OAuth2 token to authenticate the client.
Microgateway supports the following modes of OAuth2 authentication:
*Custom credentials
*Incoming OAuth token
OAuth2 token. Specifies the client's OAuth2 token.
JWT
Uses the JSON Web Token (JWT) to authenticate the client.
If the native API is enforced to use JWT for authenticating the client, then Microgateway enforces the need for a valid JWT in the outbound request while accessing the native API.
Microgateway supports the Incoming JWT mode of JWT authentication.
Alias
Name of the configured HTTP Transport Security alias.