Authenticate

Validates the client's identity using a configured authentication provider.

Use the Authenticate policy to validate the client’s identity before the request is processed in the assembly. You can require specific scopes or authentication details.

For more information on the policy parameter descriptions, see DataPower Nano Gateway documentation.

Example of an Authenticate policy in code view.

kind: Authenticate
apiVersion: api.ibm.com/v1
metadata:
  name: authenticate-subscription
  namespace: security
  version: 1.0
spec:
  namespace: 'user' 
  operation: # (required)
    subscription: {}
---
kind: Authenticate
apiVersion: api.ibm.com/v1
metadata:
  name: authenticate-subscriptionCredentials
  namespace: security
  version: 1.0
spec:
  namespace: 'user' 
  operation: # (required)
    subscriptionCredentials: {}
---
kind: Authenticate
apiVersion: api.ibm.com/v1
metadata:
  name: authenticate-jwt
  namespace: security
  version: 1.0
spec:
  namespace: 'user' 
  operation: # (required)
    jwt: 
      audClaim: 
        - 'aud-claim-1'
        - 'aud-claim-2'
      providers: # (required)
        - 'provider-1'
        - 'provider-2'

---
kind: Authenticate
apiVersion: api.ibm.com/v1
metadata:
  name: authenticate-oauth2
  namespace: security
  version: 1.0
spec:
  namespace: ''
  operation: # (required)
    oauth2: 
      providers:
        - 'provider-1'
      audClaim:
        - 'aud-claim-1'
        - 'aud-claim-2'
      introspectionCredential:
        idHeader: 'x-rh-identity' #type: string (required)
        secretHeader: 'x-rh-secret' #type: string