Staging Authorization

Question

I'm developing a C# application to access our community and am having difficulty authorizing with the Staging environment for testing. Is it possible to automatically provide the username / password in HTTP headers to authenticate? I've tried adding an Authorization header in the form "Authorization: Basic " with a Base64 encoded "username:password" parameter. I've also added "Host: Lithium" header field, but I receive a response of "503: Service Unavailable". If I don't include either of these header values I get the expected 401 error. Are there other headers I need to include?

The URL I'm trying to get is http://community.stage.lithium.com/community/restapi/vc where "community" is our community name. I'm not familiar enough with basic HTTP authorization to figure this out :smileysad:

adamn · Answer

It sounds like you've got the right process as far as basic authentication is concerned. Here's an example that another community user had from their Java source code, for comparison:
URL categoryUrl = newURL("http://forums.mycompany.com/.../restapi/vc/categories/nested");
	BASE64Encoder encoder = new BASE64Encoder();
        String encodedCredential = encoder.encode( (userId + ":" + password).getBytes() );
        httpUrlConnection.setRequestProperty("Authorization", "BASIC " + encodedCredential);
&nbsp;
The first thing I'd suggest is checking to make sure you have the right URL for the call. What happens when you attempt to access the URL in your browser? Do you see a successful response? If your IP address isn't whitelisted, you may need to enter the basic authentication credentials in your browser as well.

rmcshane · Answer

When I try to access the same URL from a browser I receive our root list of Categories, so I don't think there's a problem with the URL. The response comes after the login prompt from the staging server which means my IP address hasn't been whitelisted.

Is automatic login (or more accurately automatically validating the tester's requests) in the C# application possible? I don't want to require our test team to log in since that behavior isn't consistent with the production server.

Thanks for any help you can offer!

adamn · Answer

It is possible to add IP addresses or IP address ranges to the whitelist for your staging environment so that requests from those IP addresses will not require the basic authentication. It sounds like that might be the easiest path for you at this point. In order to get that setup, I'd suggest submitting a request via our Customer Case Portal (the "Support" tab up above). Our support team should be able to assist with adding the necessary IP addresses to the whitelist. You will need to provide them with the externally-facing IP address that the requests will be coming from.

rmcshane · Answer

Thanks again for your help.&nbsp; I figured out the problem: it was my lack of knowledge of how Basic Authorization works.&nbsp; I was expecting to send the authorization information in my first HTTP request and receive a 200 response.&nbsp; What I overlooked is the first response from the server must be 401.&nbsp; After that, I can supply the authorization info in my HTTP header and the server will authorize my client.

Forum Discussion

Staging Authorization

4 Replies

Related Content

Stage SDK Changes?

Aurora: Add co-authors to blog posts

Aurora: Remove co-authors from blog posts

Aurora: Add and remove co-authors and contributors on articles

Care Routing by Author

Recent Discussions

liqlAdmin in khoros aurora graphql API

Join node/group 301 API error

How do I get the article ID in Freemarker in a TkbArticle?

How to retrieve "Internal reason for ban" field

Tips on keeping stage and prod in alignment?