I’m following the same for keys creation, adding the roles assigned to either the key or the token.
The difference I see is in the policy definition, but I have a question:
Does auth_types require specific value “ba”, or should it be “basic”?
The reason is, at API Definition, I’m calling it as basic. Have a look in the second code block.
All the rest seems the same, any chance you post your api definition pls?
{
"auth_type": "multiAuth",
"auth_types": [
"ba",
"authToken"
],
..}
I tested API definition with use_standard_auth and use_basic_auth flag using all combinations of true/false.
It only works when one is true and the other is false, no matter which. Either Basic Auth works, or Bearer Token works.
Just to confirm, both should be true, right?
"use_basic_auth": false,
"use_keyless": false,
"use_standard_auth": false,
"auth_configs": {
"authToken": {
"use_param": false,
"param_name": "",
"use_cookie": false,
"auth_header_name": "AuthToken",
"use_certificate": false,
"signature": {
"algorithm": "",
"header": "",
"secret": "",
"allowed_clock_skew": 0,
"error_code": 0,
"error_message": ""
}
},
"basic": {
"use_param": false,
"param_name": "",
"use_cookie": false,
"auth_header_name": "Authorization",
"use_certificate": false,
"signature": {
"algorithm": "",
"header": "",
"secret": "",
"allowed_clock_skew": 0,
"error_code": 0,
"error_message": ""
}
}