I'm trying to create a test REST API in Ivy version 7.1 like the below: alt text then test it on Postman and get this response: alt text

Moreover, when I try to access the API by Chrome browser.

First time attempt: alt text Then cancel it and get this response: alt text Then press F5 and I get this response: alt text

According to the last comment on this topic https://answers.axonivy.com/questions/1858/rest-service-security

The REST service provided by Axon.ivy are be default protected by HTTP BASIC Authentication.

So my question is that why I could access the API without the basic authorization on Postman? I also test with the same scenario in Ivy version 6.2 but I'm unable to access the API without the basic authorization. Thanks

asked 26.06 at 02:59

thminh's gravatar image

thminh
114
accept rate: 0%


It a Designer thing. Postman does not seem to show a Basic auth dialog. So the Designer will automatically sign you in as Developer. You will not see such behaviour with a real engine.

But you could specify pro-actively a user to log in with postman by setting secure auth headers: alt text

Another thing that could be confusing is the cookie store that knows the attached JSESSONID once you had a successfully authenticated session. You may clean it up manually to switch the user alt text

link

answered 26.06 at 03:42

Reguel%20Wermelinger's gravatar image

Reguel Werme... ♦♦
7.1k11342
accept rate: 70%

edited 26.06 at 04:07

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "Title")
  • image?![alt text](/path/img.jpg "Title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Tags:

×19

Asked: 26.06 at 02:59

Seen: 117 times

Last updated: 26.06 at 04:07